BadRabbit Ransomware: A SonicWall Alert

First Published:10/25/2017 Last Updated:12/20/2019

What Is Bad Rabbit Ransomware?

On Tuesday, Oct. 24, a new strand of ransomware named Bad Rabbit appeared in Russia and the Ukraine and spread throughout the day. It first was found after attacking Russian media outlets and large organizations in the Ukraine. The initial installer masquerades as a Flash update.  Interestingly, this malware contains a list of hardcoded Windows credentials, most likely to brute force entry into devices on the network, according to SonicWall Capture Labs Threat researchers. 

Are SonicWall Customers Protected from Bad Rabbit?

Yes. SonicWall Capture Labs released signatures to protect against Bad Rabbit malware that are available for anyone with an active Gateway Security subscription (GAV/IPS).  In addition, SonicWall Capture Advanced Threat Protection (ATP) sandboxing service is designed to provide real-time protection against new strains of malware even before signatures are available on the firewall.

For more information please see: Are SonicWall customers protected from BadRabbit?