Security News > 2021 > March > The Week in Ransomware - March 12th 2021 - Encrypting Exchange servers
One overriding concern has been when will ransomware actors use the vulnerabilities to compromise and encrypt mail servers.
Last night our fears became a reality after ID-Ransomware creator Michael Gillespie revealed that the new DearCry Ransomware targeted Microsoft Exchange servers.
After BleepingComputer broke the DearCry ransomware story, Microsoft confirmed that the ransomware was being installed on servers compromised by the ProxyLogon exploits.
Ransomware now attacks Microsoft Exchange servers with ProxyLogon exploits.
Threat actors are now installing a new ransomware called 'DEARCRY' after hacking into Microsoft Exchange servers using the recently disclosed ProxyLogon vulnerabilities.
Michael Gillespie was the first to disclose that a new DearCry ransomware was targeting exchange servers.
News URL
Related news
- FBI disrupts the Dispossessor ransomware operation, seizes servers (source)
- FBI Shuts Down Dispossessor Ransomware Group's Servers Across U.S., U.K., and Germany (source)
- Linux version of new Cicada ransomware targets VMware ESXi servers (source)
- VMware ESXi Servers Targeted by New Ransomware Variant from Cicada3301 Group (source)
- Germany seizes 47 crypto exchanges used by ransomware gangs (source)
- US sanctions crypto exchanges used by Russian ransomware gangs (source)