An unidentified party has reportedly placed the source code for Dharma ransomware up for sale on at least two Russian hacker forums, adding a formidable new competitor to an already crowded underground market.
And while cybercriminals have met the offer with some healthy skepticism, the bargain-basement selling price of $2,000 may be alluring enough for prospective buyers to take their chances, said Allan Liska, Recorded Future intelligence analyst, in an interview SC Media on Monday.
“No one questions whether the code is real. Instead, the question is whether or not the seller is part of the group behind [the] Dharma/Phobos ransomware families,” said Liska. (Phobos is a recent variant of Dharma.)
Liska said that on one of the cybercrime forums featuring the offer, “most members” suspect the code may be an older version of the malicious encryptor, perhaps salvaged from repository or a data leak. And some users from other forums monitoring the sale have drawn the same conclusion.
“The group behind Dharma is very good ..
Support the originator by clicking the read the rest link below.
