Malware News New Brrr Dharma Ransomware Variant Released

LASER_oneXM

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Content source
https://www.bleepingcomputer.com/news/security/new-brrr-dharma-ransomware-variant-released/
Distributed through hacked Remote Desktop Services

The Dharma Ransomware family, including this Brrr variant, is manually installed by attackers who hack into Remote Desktop Services connected directly to the Internet. These attackers will scan the Internet for computers running RDP, usually on TCP port 3389, and then attempt to brute force the password for the computer.

There are also underground sites that sell known credentials for publicly accessible computers running remote Remote Desktop Services that attackers can buy.

Once they gain access to the computer they will install the ransomware and let it encrypt the computer. If the attackers are able to encrypt other computers on the network, they will attempt to do so as well.
Click to expand...

It should be noted that this ransomware will encrypt mapped network drives, shared virtual machine host drives, and unmapped network shares. So it is important to make sure your network's shares are locked down so that only those who actually need access have permission.

You can see an example of a folder encrypted by the Brrr Ransomware variant below.
Click to expand...
 
  • Like
Reactions: upnorth, Fel Grossi, spaceoctopus and 1 other person
You must log in or register to reply here.

Similar threads

[correlate]
    • Like
MSSQL Databases Under Fire From FreeWorld Ransomware
Replies
0
Views
783
News Archive
[correlate]
[correlate]
Gandalf_The_Grey
    • Like
    • Wow
US energy firm shares how Akira ransomware hacked its systems
Replies
0
Views
656
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
silversurfer
    • +Reputation
    • Like
Malware News New BIFROSE Linux Malware Variant Using Deceptive VMware Domain for Evasion
Replies
0
Views
1,112
Security News
silversurfer
silversurfer

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top