
Kaspersky Lab and Check Point Software weigh in on outbreak of Bad Rabbit

By Nickey Ross - on 26 Oct 2017, 6:21pm


Image source: HackRead.

As we reported yesterday, the Bad Rabbit epidemic has been targeting businesses in parts of Europe.

Regarding the epidemic, Kaspersky Lab has mentioned that many victims in Russia were targeted and that devices were infected with the ransomware through a number of Russian media websites that were also hacked. Kaspersky Lab suggests that this has been a targeted attack on corporate networks using tactics similar to those employed during the NotPetya attack. Kaspersky Lab's products identify the attack with these verdicts:

  • UDS:DangerousObject.Multi.Generic (detected by Kaspersky Security Network)
  • PDM:Trojan.Win32.Generic (detected by System Watcher)
  • Trojan-Ransom.Win32.Gen.ftl

Kaspersky Lab is encouraging its corporate customers to ensure that all protection mechanisms are active, and that the KSN and System Watcher components, which are enabled by default, remain enabled. The cybersecurity firm also urges users who aren't using its security solutions to block execution of files with the paths c:\windows\infpub.dat and C:\Windows\cscc.dat using the System Administrator's components.

Check Point Software also weighed in on the attack, saying that the Bad Rabbit ransomware is new. The company also touched on another security risk: the mining of crypto-currencies such as Bitcoin or Ethereum, which uses up CPU (and GPU) power in the process. There are other hazards as well, such as KRACK WiFi, the ROCA factorization attack and the DUHK cryptographic vulnerability.

It has been discovered that crypto-currency miners inject code into prominent web streaming and sharing websites without the knowledge of the users, utilizing up to 65 percent of their CPU power.

Besides that, crypto-mining malware attacks are also on the rise. Disturbingly, hackers are also able to use the web browser of an unsuspecting user to mine crypto-currencies. For instance, the CoinHive hack via leaked passwords demonstrates how easy it is to hack with just some JavaScript code and DNS.

Additionally, Kaspersky Lab uploaded a video that shows how the Bad Rabbit ransomware operates.
