It recently has been made even more successful by a change in the way the hackers controlling it are deploying it.
The first part of their latest campaign remains unchanged. They rely on well-crafted phishing emails to lure employees in.
The key difference, however, lies in the particulars of the newly crafted emails.
It asks you to install an antivirus
In a nutshell, the group has begun imploring email recipients to protect their systems by installing the latest antivirus software. The emails include a helpful link to the antivirus, which of course doesn't point to antivirus software at all. Rather, it is the ransomware they're trying to deploy inside corporate networks.
Worst of all, the emails claim to be from Microsoft, one of the biggest, most recognizable and most trusted names in the industry. So, there's a good chance that at least one of your employees will take the bait. In a bid to be good, proactive employees, they will seek to install what they think is antivirus software.
Once installed the user is locked out of their computer
Once they start the installation, the damage is done. It will lock every file on the victim's system, demand ransom, and seek to spread itself to as many other systems inside your network as it can reach.
Raphael Centeno, a security researcher at Trend Micro had this to say about the new twist on the malware strain:
"As proven by the new samples of Dharma, many malicious actors are still trying to upgrade old threats and use new techniques. Ransomware remains a costly and versatile threat."
As ever, the best way to guard against this type of threat starts with employee education. Employees should not be in the habit of installing their own antivirus software in the first place, so a gentle reminder to that effect should go a long way toward limiting the threat, but it still pays to be very much on your guard.
Meanwhile, check out this report
Free Executive Report: 10 Hidden IT Risks That Might Threaten Your Business
Thanks for reading this short post. For more tips on thriving with small business technology, check out the other blog posts at DWPia Blogs. I am also available at dwpia on LinkedIn, at dwpia on Facebook, and @dwpia on Twitter.
I am Denis Wilson, President and Principal Consultant for DWP Information Architects. We specialize in managed IT support for smaller healthcare practices, financial services firms, and nonprofits in Ventura County and San Fernando Valley. And have created cost-effective IT solutions, for over 20 years, specializing in cybersecurity and regulatory compliance. I am also a published author and speaker, working extensively with a variety of organizations. As well as providing small business technology education programs through business and professional associations.
Contact me if you would like me to speak at your association.