Software: Bad Rabbit, Diskcoder.D

From attackics
Jump to navigation Jump to search
Bad Rabbit, Diskcoder.D
Software
ID S0005
Aliases Bad Rabbit, Diskcoder.D
Type Malware

Bad Rabbit is a self-propagating (“wormable”) ransomware that affected the transportation sector in Ukraine.1

Associated Software Descriptions

  • Bad Rabbit - 2
  • Diskcoder.D - 1

Techniques Used

  • Drive-by Compromise - Bad Rabbit ransomware spreads through drive-by attacks where insecure websites are compromised. While the target is visiting a legitimate website, a malware dropper is being downloaded from the threat actor’s infrastructure.2
  • User Execution - Bad Rabbit is disguised as an Adobe Flash installer. When the file is opened it starts locking the infected computer.2