{"description": "ICS techniques used by Bad Rabbit, ATT&CK software S0606 (v1.1)", "name": "Bad Rabbit (S0606)", "domain": "ics-attack", "versions": {"layer": "4.5", "attack": "17", "navigator": "5.1.0"}, "techniques": [{"techniqueID": "T0817", "comment": "[Bad Rabbit](https://attack.mitre.org/software/S0606) ransomware spreads through drive-by attacks where insecure websites are compromised. While the target is visiting a legitimate website, a malware dropper is being downloaded from the threat actors infrastructure. (Citation: Orkhan Mamedov, Fedor Sinitsyn, Anton Ivanov October 2017)", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0866", "comment": "[Bad Rabbit](https://attack.mitre.org/software/S0606) initially infected IT networks, but by means of an exploit (particularly the SMBv1-targeting MS17-010 vulnerability) spread to industrial networks. (Citation: Joe Slowik April 2019)", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0867", "comment": "[Bad Rabbit](https://attack.mitre.org/software/S0606) can move laterally through industrial networks by means of the SMB service. (Citation: Joe Slowik April 2019)", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0828", "comment": "Several transportation organizations in Ukraine have suffered from being infected by [Bad Rabbit](https://attack.mitre.org/software/S0606), resulting in some computers becoming encrypted, according to media reports. (Citation: ESET Bad Rabbit)", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0863", "comment": "[Bad Rabbit](https://attack.mitre.org/software/S0606) is disguised as an Adobe Flash installer. When the file is opened it starts locking the infected computer. (Citation: Orkhan Mamedov, Fedor Sinitsyn, Anton Ivanov October 2017)", "score": 1, "color": "#66b1ff", "showSubtechniques": false}], "gradient": {"colors": ["#ffffff", "#66b1ff"], "minValue": 0, "maxValue": 1}, "legendItems": [{"label": "used by Bad Rabbit", "color": "#66b1ff"}]}