Dharma/Crysis: Overview and Adversary Tracking

malware + Intelligence | Cluster25 | September 17, 2021

Dharma, a family of ransomware first spotted in 2016, is a malicious program that encrypts a victim’s files and holds the data hostage until a ransom is paid to restore it. It belongs to a fairly widespread ransomware family that has been successful over time, especially because of the many variants related to it and the fact that it has often served as the basis for RaaS (Ransomware-as-a-Service) programs.

C25 Intelligence reports on where Dharma variants were operated from during 2020, how the family has evolved, and how to defend against this threat.

Download Cluster25 Report

Written by: Cluster25
