Difference between revisions of "Dharma Ransomware Uses AV Tool to Distract from Malicious Activities"

From Botnets.fr
(Created page with "{{Publication| Link=https://blog.trendmicro.com/trendlabs-security-intelligence/dharma-ransomware-uses-av-tool-to-distract-from-malicious-activities/}}")
 
Line 1: Line 1:
{{Publication| Link=https://blog.trendmicro.com/trendlabs-security-intelligence/dharma-ransomware-uses-av-tool-to-distract-from-malicious-activities/}}
{{Publication
|Botnet=Dharma,
|Group=Ransomware,
|Year=2019
|Date=2019-08-01
|Editor=TrendLabs Security Intelligence Blog
|Link=https://blog.trendmicro.com/trendlabs-security-intelligence/dharma-ransomware-uses-av-tool-to-distract-from-malicious-activities/
|Author=Raphael Centeno,
|Type=Blogpost
|Abstract=The Dharma ransomware has been around since 2016, but it has continued to target and successfully victimize users and organizations around the world. One high profile attack happened in November 2018 when the ransomware infected a hospital in Texas, encrypting many of their stored records; luckily the hospital was able to recover from the attack without paying the ransom. Trend Micro recently found new samples of Dharma ransomware using a new technique: using software installation as a distraction to help hide malicious activities.
}}
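Review bot: |Date=2019-08-01 postdates the timestamp of this revision as shown on the page (12 May 2019), so the day and month look swapped or mistyped. Check the value against the publication date on the linked post and correct it, since the rendered Date field and the generated bibtex entry (date = {01}, month = Aug) both take it from here. The trailing commas in |Botnet=Dharma, |Group=Ransomware, and |Author=Raphael Centeno, are not needed for single values and can be dropped.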

Revision as of 15:13, 12 May 2019


Dharma Ransomware Uses AV Tool to Distract from Malicious Activities
Botnet: Dharma
Botnet/malware group: Ransomware
Date: 2019 / 2019-08-01
Editor/Conference: TrendLabs Security Intelligence Blog
Link: https://blog.trendmicro.com/trendlabs-security-intelligence/dharma-ransomware-uses-av-tool-to-distract-from-malicious-activities/
Author: Raphael Centeno
Type: Blogpost

Abstract

The Dharma ransomware has been around since 2016, but it has continued to target and successfully victimize users and organizations around the world. One high-profile attack happened in November 2018 when the ransomware infected a hospital in Texas, encrypting many of their stored records; luckily the hospital was able to recover from the attack without paying the ransom. Trend Micro recently found new samples of Dharma ransomware using a new technique: using software installation as a distraction to help hide malicious activities.

Bibtex

 @misc{2019BFR5368,
   editor = {TrendLabs Security Intelligence Blog},
   author = {Raphael Centeno},
   title = {Dharma Ransomware Uses AV Tool to Distract from Malicious Activities},
   date = {01},
   month = Aug,
   year = {2019},
   howpublished = {\url{https://blog.trendmicro.com/trendlabs-security-intelligence/dharma-ransomware-uses-av-tool-to-distract-from-malicious-activities/}},
 }