Profile picture
, 4 tweets, 2 min read
My Authors
Read all threads
#Dharma, a family of ransomware first spotted in 2016, continues to be a threat to many organizations— especially small and medium-sized businesses.

(a thread... 1/4)
Part of the reason for its longevity is that its variants have become the basis for ransomware-as-a-service (RaaS) operations—the fast-food franchise of cybercrime.

(2/4)
Three recent attacks documented by SophosLabs and Sophos MTR have revealed a toolset used by Dharma “affiliates” that explains why attacks from so many different Dharma actors seem so identical, down to the tools and commands they use.

(3/4)
See our full #Dharma report by @thepacketrat: news.sophos.com/en-us/2020/08/…

(4/4)
Missing some Tweet in this thread? You can try to force a refresh.

Keep Current with SophosLabs

Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Related hashtags

#Dharma

More from @SophosLabs see all

Profile picture
SophosLabs
@SophosLabs
1/ The threat actors behind the #SamSam ransomware, now identified by the FBI in an indictment publicized today, pioneered a very specific playbook in their attacks that has inspired a rash of copycats.

Here's a thread that explains their TTP (tactics, techniques & procedures):
2/ In July, we published a report that goes into great detail about the #SamSam TTP, so if this is of interest to you, maybe check it out:

sophos.com/en-us/medialib…

What follows is a summary of some of what we covered in the report
3/ The #SamSam attackers started by conducting surveillance of the victims. They wanted to know if the victims had sufficiently deep pockets to pay the ransom, which over time averaged out to the mid-$30,000 as Bitcoin exchange rates fluctuated.
Read 20 tweets

Embed code for your website

×
Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!