Ransomware Alert! Bad Rabbit

Community Team Member

Working in the security world means that, more than likely, you will have to deal with ransomware at some point. With threats changing ever faster, that could be sooner rather than later.

Don't be a victim of the Bad Rabbit.

Now we have something NEW to deal with, and it is called Bad Rabbit. It was discovered on Tuesday, 24th of October 2017. It has been reported as affecting countries in Eastern Europe. In fact, the Ukrainian CERT has issued an alert on Bad Rabbit.

 

Bad Rabbit gets into networks by posing as an Adobe Flash update. Once inside a network, it starts to spread like rabbits (pun).

This ransomware is similar to Petya/NotPetya, because it encrypts the infected hard drive.

 

Because the initial attack vector is through bogus updates, Bad Rabbit attacks can be prevented by only getting Adobe Flash updates from the Adobe web site.

 

Am I Covered?

The GOOD NEWS is that Palo Alto Networks customers are protected through our Next-Generation Security Platform, which provides prevention through automation, applied consistently across the network, endpoint and cloud. Palo Alto Networks customers are protected from Bad Rabbit ransomware through multiple complementary prevention controls across the platform.

 

Unit 42 has developed a Threat Brief with information about the threat:  
Threat Brief: Information on Bad Rabbit Ransomware Attacks

 

To read Unit 42's blog entry about this ransomware, go here:

Palo Alto Networks Protections Against Bad Rabbit Ransomware Attacks

 

For Unit 42's AutoFocus entry, please see:

https://autofocus.paloaltonetworks.com/#/tag/Unit42.BadRabbit

 

Live Community!

Please do not forget about the Live Community for all ransomware/threat questions or concerns. Please visit the Threat & Vulnerability Discussions on the Live Community (https://live.paloaltonetworks.com/t5/Threat-Vulnerability-Discussions/bd-p/Threat_Discussions).

 

Thanks for taking the time to read about this ransomware.

 

Stay Secure!

Joe Delio
