dcsimg

A deep dive into Phobos ransomware

Phobos ransomware appeared at the beginning of 2019. It has been noted that this new strain of ransomware is strongly based on the previously known family: Dharma (a.k.a. CrySis), and probably distributed by the same group as Dharma. While attribution is by no means conclusive, you can read more about potential links between Phobos and Dharma here, to include an intriguing connection with the … [Read more...]

A week in security (May 13 – 19)

Last week, Malwarebytes Labs reviewed active and unique exploit kits targeting consumers and businesses alike, reported about a flaw in WhatsApp used to target a human rights lawyer, and wrote about an important Microsoft patch that aimed to prevent a “WannaCry level” attack. We also profiled the Dharma ransomware—aka CrySIS—and imparted four lessons from the DDoS attack against the US … [Read more...]

Threat spotlight: CrySIS, aka Dharma ransomware, causing a crisis for businesses

CrySIS, aka Dharma, is a family of ransomware that has been evolving since 2006. We have noticed that this ransomware has become increasingly active lately, increasing by a margin of 148 percent from February until April 2019. The uptick in detections may be due to CrySIS’ effective use of multiple attack vectors. Profile of the CrySIS ransomware CrySIS/Dharma, which Malwarebytes … [Read more...]

A week in security (May 6 – 12)

Last week on Labs, we discussed what to do when you discover a data breach, how 5G could impact cybersecurity strategy, the top six takeaways for user privacy, vulnerabilities in financial mobile apps that put consumers and businesses at risk, and in our series about vital infrastructure, we highlighted threats that target financial institutions, fintech, and cryptocurrencies. Other … [Read more...]