CrySIS Ransomware: A Long-Standing Threat with a New Twist
Summary
The CrySIS ransomware family, also known as Dharma, has been evolving since 2016. Its source code was made publicly available, enabling others to customize it for their own use. The criminals behind the malware employ various tactics to infiltrate systems through exposed Microsoft Remote Desktop Protocol (RDP) servers. It is also spread through phishing emails with attachments made to look like legitimate software installers.