Is my Red Hat product affected by WannaCrypt/WannaCry, Petya/NotPetya, or Bad Rabbit ransomware?

Solution Verified - Updated -

Environment

  • Red Hat Enterprise Products

Issue

  • I'm concerned that my Red Hat product is affected by the recent ransomwares, specifically Bad Rabbit, Wannacrypt and Petya (also called NotPetya).
  • Should I worry about these ransomwares?
  • Is Red Hat Enterprise Linux vulnerable to Bad Rabbit, Wannacrypt and NotPetya ransomwares?
  • I've read about a ransomware attacks on the Register here, here and here, what do I need to know?

Resolution

  • Red Hat products are not impacted by these issues.

Root Cause

  • Bad Rabbit is a ransomware that uses a fake Adobe Flash installer, then a brute force password guess attack on SMB shares.
  • Wannacrypt and NotPetya are ransomware campaigns that exploit an SMBv1 flaw present in some legacy operating systems.

  • More details about the Bad Rabbit ransomware can be found on the Microsoft Support Website

  • More details about the Wannacrypt ransomware can be found on the Microsoft Support Website
  • More details about Petya/NotPetya ransomware can be found on Microsoft blog.

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

Comments