Dear valued customers and dealers,

Bad Rabbit: The Rise of a New Ransomware Epidemic

A new cyber attack is affecting computer systems around Europe.

A strain of ransomware known as “Bad Rabbit” is believed to be behind the trouble, and has spread to Russia, Ukraine, Turkey and Germany.


1) What is it

Bad Rabbit is a previously unknown family member of ransomware who made its debut on the morning of October 24th, in Russia lasting until midday with reports coming in from Ukraine of similar

2) How it comes into your PC

Bad Rabbit is distributed with the help of drive-by attacks whereby a malware dropper is downloaded from the threat actors infrastructure, simultaneously while the target visits legitimate websites for news and media updates.

No exploits were used, so the victim would have to manually execute the malware dropper, which pretends to be an Adobe Flash Installer or etc.



3) When Kaspersky started to detect

We at Kaspersky Lab, have been proactively detecting the original vector attack since it began on the morning of October, 24th in Russia. The attack lasted until midday, although we are still detecting ongoing attacks in Russia with reports of victims in Ukraine.


4) What steps to take to guard against it

Our experts at Kaspersky Lab are working tirelessly on a detailed analysis of this ransomware to find possible flaws in its cryptographic routines.

Our corporate customers are advised to:

  1. Make sure that all protection mechanisms are activated as recommended; and that KSN and System Watcher components (which are enabled by default) are not disabled.
  2. Update the antivirus databases immediately.

The above mentioned measures should be sufficient. However, as additional precautions we advise the following:

  1. Restricting execution of files with the paths c:\windows\infpub.dat and C:\Windows\cscc.dat in Kaspersky Endpoint Security.
  2. Configuring and enabling Default Deny mode in the Application Startup Control component of Kaspersky Endpoint Security to ensure and enforce proactive defense against this and other attacks.


For More info on Bad Rabbit, visit the link here.


For further support, please contact our support help desk at 03 8075 2050 or