Bad Rabbit Ransomware - Anti-Malware protects against it

Posted by Remote Management Staff

Dear Customers,

We would like to inform you that ITbrain Anti-Malware protects against the latest ransomware attack dubbed Bad Rabbit.

Our engines are detecting it as "Gen:Heur.Ransom.BadRabbit.1" and "Gen:Variant.Ransom.BadRabbit.1" and will clear the main variants. We are adding new variants of the same malware to the signature list every hour.

Please make sure all Windows systems are up to date. We also recommend keeping an external backup of all critical data as a safeguard against any data loss at all times.

The Bad Rabbit ransomware works in a similar way to GoldenEye / NotPetya and is spreading as a fake Adobe Flash installer.

It was first detected when critical government infrastructure systems in Russia and Ukraine were infected. As of now, infections are being reported from the USA, Germany, Turkey, and Japan.

The ransomware uses Mimikatz and DiskCryptor, and it will also encrypt the Master Boot Record (MBR) of an infected computer. It will also spread itself to other systems in the network.

If you have any questions about this topic, please let us know in the posts below.

Product Owner, Remote Management services.