Bad Rabbit is Back in the News

In late October, the ransomware attack known as Bad Rabbit put organizations around the world under siege, freezing computer systems and demanding a ransom to restore them. Multiple cases of infection were reported by the Department of Homeland Security within the first few hours. Bad Rabbit began with social engineering, disguising itself as an Adobe Flash installer while actually containing the same code as the Petya virus that struck this past summer. Now, nearly a month later, Bad Rabbit is back in the news and causing organizations to worry about possible infection. Here at Pegasus, we’re keeping up with the latest updates and taking the necessary precautions to keep our partners safe from these outbreaks.

What’s happening?

Bad Rabbit is back in the news due to a report that a series of parallel phishing attacks occurred at the same time as the outbreak, leading experts to believe that the same group carried out both attacks. This time, they targeted users of Russian-designed 1C software with emails that claimed to be from the developer. In both cases, the perpetrator’s main goal is to get remote and undetected access to confidential information from organizations. Once they achieve control, they render a system completely inoperable and spread their encryption across corporate networks.

While these parallel campaigns are distinct from previous attacks, many researchers are pointing to their similarities to the Petya and NotPetya viruses, drawing the conclusion that a larger shared connection might exist. This leaves us wondering: what ransomware or phishing attack will be unleashed next?

How can I stay protected?

If you’re a Pegasus member, you’re already aware of the lengths we go to in order to keep your company safe. We have access to industry-leading software like the EZXploit campaign, which emulates phishing attacks and diagnoses which of your users are susceptible to hackers. If you’re not a Pegasus member, contact us to learn more about our extensive cyber-security solutions. In the meantime, strengthen your organization’s password policies, eliminate weak passwords from your database, and check out this page for more tips.