Report an incident

Get 24/7 incident response assistance from our global team

Talk to sales

Just fill out the form, and our representative will contact you soon.

Join the Cybercrime Fighters Club

Please review the following rules before submitting your application:

1. Our main objective is to foster a community of like-minded individuals dedicated to combatting cybercrime and who have never engaged in Blackhat activities.

2. All applications must include research or a research draft. You can find content criteria in the blog. Please provide a link to your research or research draft using the form below.

Group-IB shares Bad Rabbit ransomware information with INTERPOL

Media Center Press Releases
November 2, 2017 · 2 min to read
White

Moscow, November 2nd, 2017 – Group-IB, one of the global leaders in high-fidelity Threat Intelligence and best in class anti-fraud solutions has discovered digital traces of cybercriminal activity connected with Bad Rabbit ransomware.

In accordance with a partnership with INTERPOL and Group-IB this information has been passed to the INTERPOL Global Complex for Innovation. Under the agreement, the parties will exchange data to fight cybercrime more effectively through identifying criminal trends in cyber-space, emerging and known cyber-threats and malicious attacks.

Noboru Nakatani and Ilya Sachkov sign the agreement on cooperation between INTERPOL and Group-IB

Noboru Nakatani and Ilya Sachkov sign the agreement on cooperation between INTERPOL and Group-IB

Group-IB has conducted technical research into Bad Rabbit ransomware that last week attacked a number of Russia’s major media outlets and financial organizations, as well as infrastructure facilities in the Ukraine (metro, airport, Ministry of Infrastructure). The experts discovered the source and methods of malware distribution, analyzed its structure and functionality and concluded that the same hacker group was responsible for both Bad Rabbit and NotPetya. The latter attacked energy, telecommunications and financial companies in the Ukraine in June 2017.

In the course of their research Group-IB experts discovered traces that will enable researchers to identify the criminals behind this attack. A part of the data from compromised sites was sent to a server, which was compromised by the same techniques previously used by the North Korean group, Lazarus. This information was passed to INTERPOL for further investigation.

To effectively combat today’s cyber-threats, cooperation between the public and private sectors is essential. INTERPOL’s agreement with Group-IB is an important step in our ongoing efforts to ensure law enforcement worldwide has access to the information they need to address the scale and complexity of today’s cybercrime landscape.

Noboru Nakatani, Executive Director of the IGCI, INTERPOL
Noboru Nakatani

Executive Director of the IGCI

International cooperation in cybercrime investigations is vitally important, since there are no borders in cyberspace and cybercriminals dexterously use these principal differences of the real and virtual world to escape punishment. We’re glad we now have the opportunity to exchange the information not only with INTERPOL, but with all the organizations of this community on the regular basis. I’m sure this will provide a synergetic effect, and in the near future we’ll see considerable progress in the investigation of not only Bad Rabbit, but a number of other attacks and cybercriminal groups.

Ilya Sachkov
Ilya Sachkov

CEO Group-IB

About Group-IB

Founded in 2003 and headquartered in Singapore, Group-IB is a leading creator of cybersecurity technologies to investigate, prevent, and fight digital crime. Combating cybercrime is in the company’s DNA, shaping its technological capabilities to defend businesses, citizens, and support law enforcement operations.

Group-IB’s Digital Crime Resistance Centers (DCRCs) are located in the Middle East, Europe, Central Asia, and Asia-Pacific to help critically analyze and promptly mitigate regional and country-specific threats. These mission-critical units help Group-IB strengthen its contribution to global cybercrime prevention and continually expand its threat-hunting capabilities.

Group-IB’s decentralized and autonomous operational structure helps it offer tailored, comprehensive support services with a high level of expertise. We map and mitigate adversaries’ tactics in each region, delivering customized cybersecurity solutions tailored to risk profiles and requirements of various industries, including retail, healthcare, gambling, financial services, manufacturing, crypto, and more.

The company’s global security leaders work in synergy with some of the industry’s most advanced technologies to offer detection and response capabilities that eliminate cyber disruptions agilely.

Group-IB’s Unified Risk Platform (URP) underpins its conviction to build a secure and trusted cyber environment by utilizing intelligence-driven technology and agile expertise that completely detects and defends against all nuances of digital crime. The platform proactively protects organizations’ critical infrastructure from sophisticated attacks while continuously analyzing potentially dangerous behavior all over their network.

The comprehensive suite includes the world’s most trusted Threat Intelligence, The most complete Fraud Protection, AI-powered Digital Risk Protection, Multi-layered protection with Managed Extended Detection and Response (XDR), All-infrastructure Business Email Protection, and External Attack Surface Management.

Furthermore, Group-IB’s full-cycle incident response and investigation capabilities have consistently elevated industry standards. This includes the 77,000+ hours of cybersecurity incident response completed by our sector-leading DFIR Laboratory, more than 1,400 successful investigations completed by the High-Tech Crime Investigations Department, and round-the-clock efforts of CERT-GIB.

Time and again, its solutions and services have been revered by leading advisory and analyst agencies such as Aite Novarica, Gartner®, Forrester, Frost & Sullivan, KuppingerCole Analysts AG, and more.

Being an active partner in global investigations, Group-IB collaborates with international law enforcement organizations such as INTERPOL, EUROPOL and AFRIPOL to create a safer cyberspace. Group-IB is also a member of the Europol European Cybercrime Centre’s (EC3) Advisory Group on Internet Security, which was created to foster closer cooperation between Europol and its leading non-law enforcement partners.

Read next
March 19, 2026
Group-IB Partners with Copy Cat Group to Strengthen Intelligence-Led Cybersecurity Across East Africa
March 13, 2026
Group-IB Supports INTERPOL’s Operation Synergia III, Contributing Intelligence to Global Cybercrime Takedown
March 12, 2026
Group-IB Expands into the Americas with Launch of Digital Crime Resistance Center in Chile
March 3, 2026
Group-IB and Nebrija University Strengthen Cybersecurity Education Through MOU and Threat Intelligence Integration
February 26, 2026
Group-IB Partners with Savex Technologies to Advance Predictive Threat Intelligence and Cyber Fraud Protection Across India and SAARC
NPUA MOU
February 16, 2026
National Polytechnic University of Armenia and Group-IB sign strategic partnership to strengthen cybersecurity education and research in Armenia
Go to all Press Releases →