Dharma Ransomware Uses AV Tool to Distract from Malicious Activities
Jump to navigation
Jump to search
(Publication) Google search: [1]
Dharma Ransomware Uses AV Tool to Distract from Malicious Activities | |
---|---|
Botnet | Dharma |
Malware | |
Botnet/malware group | Ransomware |
Exploit kits | |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2019 / 2019-05-08 |
Editor/Conference | TrendLabs Security Intelligence Blog |
Link | https://blog.trendmicro.com/trendlabs-security-intelligence/dharma-ransomware-uses-av-tool-to-distract-from-malicious-activities/ (Archive copy) |
Author | Raphael Centeno |
Type | Blogpost |
Abstract
“ The Dharma ransomware has been around since 2016, but it has continued to target and successfully victimize users and organizations around the world. One high profile attack happened in November 2018 when the ransomware infected a hospital in Texas, encrypting many of their stored records; luckily the hospital was able to recover from the attack without paying the ransom. Trend Micro recently found new samples of Dharma ransomware using a new technique: using software installation as a distraction to help hide malicious activities.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2019BFR5368, editor = {TrendLabs Security Intelligence Blog}, author = {Raphael Centeno}, title = {Dharma Ransomware Uses AV Tool to Distract from Malicious Activities}, date = {08}, month = May, year = {2019}, howpublished = {\url{https://blog.trendmicro.com/trendlabs-security-intelligence/dharma-ransomware-uses-av-tool-to-distract-from-malicious-activities/}}, }