US-CERT Reports Bad Rabbit Ransomware Infection

Drew Laroche

On Tuesday, October 24, 2017, a new ransomware strain has been detected spreading throughout Russia, Ukraine and Eastern Europe. The codename “Bad Rabbit” was confirmed to attributed to the ransomware by Ukrainian authorities.

While bearing similarities to recent malware attacks WannaCry and Petya earlier in the year, it is still unclear who is behind the attack.

The attack is presented in the form of a fraudulent Adobe® Flash Player update, prompting the user to install an update. Once the system is compromised, the malware encrypts the systems files and demands a BitCoin ransom to unlock them. The attack initially pushed by compromising various media and news websites, as well as Russian financial institutions according to the Russian Central Bank.

US-CERT Reports Bad Rabbit Ransomware Infection
Bad Rabbit Prompt
US-CERT Reports Bad Rabbit Ransomware Infection
Bad Rabbit Ransom
Forcepoint has issued a study and statement on the Bad Rabbit cyberattacks one day after the attack, detailing the nature and infection process of the malware.

Upon receiving multiple reports of Bad Rabbit ransomware infections in several countries, US officials and the US computer readiness team “discourages individuals and organisations from paying the ransom, as this does not guarantee that access will be restored”.

The full report and disclosure of the attack by US-CERT can be found here.[/vc_column_text]

Learn more on how Ransomware Mitigation can assist your Healthcare Organization in preparing for similar attacks.

Leave a Comment

5 Ways to Improve Your Healthcare Data SecurityHow to Make Healthcare Branding More Personal