A link has been confirmed between the Bad Rabbit ransomware outbreak detected yesterday in major organizations in Russia and Ukraine and this summer’s ExPetr/Not Petya attacks.
Researchers at Kaspersky Lab said there are “clear ties” between the two attacks though one major piece of the puzzle is missing with Bad Rabbit.
Like WannaCry before it, one of ExPetr’s propagation methods was the leaked NSA exploit EternalBlue, which triggered a SMBv1 vulnerability patched by Microsoft early this year and allowed it to worm out to the internet.