Dharma ransomware used in recent attacks
A cyber security firm has reported that a number of recent cyber attacks in Asia are the result of hackers using the Dharma ransomware.
The attackers, who were described as “newbie hackers” by the report’s researchers, have been using simple tools and tactics to carry the attacks out on companies in Russia, Japan, India and China.
The tools used are publicly available and included the likes of NLBrute, Defender Control and Advanced Port Scanner amongst others. The Dharma ransomware itself was leaked online earlier this year which means it could be used by anyone who had obtained it without too much development.
Group-IB, the authors of the report, also noted that the group were requesting ransom payments of between $10,000 and $50,000 which, compared to other ransomware incidents, is relatively a small amount.
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.