Views:
Summary

BadRabbit has been reported to might have spread through the following scenarios:

  • Fake Flash updates.
  • Incorporates itself through the use of Mimikatz, an open source tool that extracts plaintext passwords, hash, PIN code and kerberos tickets from memory, to extract credentials, and using a list of common hard-coded credentials such as Admin, Guest, User, root, etc.
  • Uses a legitimate tool, DiskCryptor, an open source full disk encryption system, which allows encryption of the computer's entire hard drive or individual partitions, for encryption of victim's systems.
Solution

Here are the steps to make sure you are protected from BadRabbit:

  1. Make sure you are using the latest version of Trend Micro Security to stay safe from BadRabbit ransomware.
    You can check here if you already have the latest version or follow instructions here to upgrade Trend Micro Security to the latest version.

    Read: How Can Trend Micro Security protect me from Ransomware?

  2. Make sure your Trend Micro Security has the latest Security and Program updates. You can check here to manually update your Trend Micro Security.
Add a comment