Tuesday, August 11, 08:51

The Dharma ransomware source code is being sold on hacking forums


The source code of the popular Dharma ransomware was found for sale on two Russian hacking forums over the weekend.

The FBI has stated that Dharma is the second most profitable ransomware of recent years, having received more than $24 million from victims between November 2016 and November 2019.

Now, its source code is being sold on hacking forums for just $2,000, which has baffled security researchers.

Many ransomware experts believe that the sale of the Dharma ransomware code will likely lead to a wider leak on the Internet. This, in turn, will lead to its spread across multiple cybercrime groups. As a result, attacks will increase.

Experts are worried because Dharma is an advanced ransomware, created by an experienced malware author. Its encryption scheme is very advanced.

The only time the ransomware was "decrypted" was when a group of people leaked the decryption keys. That is, decryption was not made possible by some error in the encryption scheme.


A brief history of Dharma ransomware

Dharma ransomware first appeared under the name CrySiS in the summer of 2016.

CrySiS was a Ransomware-as-a-Service (RaaS) business. The creator of CrySiS built a service where customers (other criminal gangs) could create their own versions of the ransomware to distribute to victims, usually via spam campaigns, exploit kits and brute-force attacks.

However, in November 2016, someone leaked the CrySiS decryption key, so the CrySiS RaaS reappeared two weeks later under the name Dharma.

Some Dharma decryption keys also leaked in March 2017, but the hackers did not change their name this time around and continued to work undisturbed, making Dharma Ransomware-as-a-Service one of the most powerful and profitable businesses.

Over the years, there have been many versions of Dharma, as the ransomware has received many updates and new customers have wanted to distribute it across the globe, creating their own unique variations.

Over the last two years, ransomware attacks have become more targeted. Dharma followed this pattern of attack.

In the spring of 2019, a new ransomware named Phobos appeared. Security researchers from Coveware and Malwarebytes found that Phobos was identical to Dharma ransomware.

However, Dharma continued to be used in its original form. During 2019, the attacks were 50-50.

Jakub Kroustek, head of security at Avast, found three new versions of Dharma ransomware just this week, which means that criminal groups are still using it avidly even today.

John Fokker, Head of Research at McAfee, said that the ransomware source code has been leaked for some time, but has now been published in the most popular hacking forums.

Fokker now hopes that Dharma's source code will eventually be in the hands of researchers to find a way to decrypt it.

"If we can get the source code, maybe we can find some flaws," Fokker said today.



Digital Fortress