• Language chooser
    • USA (English)
    • France (Français)

DearCry Ransomware

Released: Mar 16, 2021


High Severity

Ransomware Type


Targeting the MS Exchange Exploit.

Following initial compromise of the MS Exchange system, the attacker can execute the primary objective. From monitoring these incidents, a new family of ransomware has been detected. The threat is known as DoejoCrypt or DearCry. Learn More »

Background

Earliest detection of the MS Exchange vulnerability is covered in the MS Exchange Outbreak report.

Latest Development

Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.


On March 11, Microsoft released the following announcement referring to the ransomware: https://twitter.com/MsftSecIntel/status/1370236539427459076


Refer to the FortiGuard Labs released the Threat Signal report: https://www.fortiguard.com/threat-signal-report/3885/observed-in-the-wild-campaigns-leveraging-recent-microsoft-exchange-server-vulnerabilities-to-install-doejocrypt-dearcry-ransomware

FortiGuard Cybersecurity Framework

Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.


PROTECT
  • Lure

  • Decoy VM

  • AV

  • AV (Pre-filter)

DETECT
  • Outbreak Detection

  • Threat Hunting

RESPOND
  • Assisted Response Services

  • Automated Response

RECOVER
  • NOC/SOC Training

  • End-User Training

IDENTIFY
  • Attack Surface Hardening

Threat Intelligence

Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities.


References

Sources of information in support and relation to this Outbreak and vendor.