With the spread of the new version of the Petya/NotPetya ransomware, called BadRabbit, I thought it would be a nice idea to sum up its targets, potential damage & the vaccination found to prevent it from infecting others.
Propagation technique: fake Adobe Flash update.
- Encrypts files with selected extensions (using AES + RSA).
- Scans our Local Area Network (LAN) in order to spread to other machines.
- The Master Boot Record is overwritten with the malicious bootloader and kernel, which are meant to deploy the low-level attack after the reboot.
All the details can be found here: https://www.guidemehere.com/say-hi-newer-version-petyanotpetya-ransomware-badrabbit/
Feedback is most welcome.