
Playing Whack-a-Mole With New Dharma Ransomware Variants

January 30, 2023

The Dharma ransomware family was initially identified in 2016 and operates under a Ransomware-as-a-Service (RaaS) model. Incidentally, one version of the ransomware was leaked, and whoever gained access altered it to suit their needs. The malware uses multiple initial access vectors, such as exposed Microsoft Remote Desktop Protocol (RDP) servers and phishing with attachments masquerading as legitimate software. The ransomware encrypts files on the system and launches mshta.exe to display an HTML file containing ransom details.
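The mshta.exe behaviour described above can be hunted in process-creation telemetry. The following is an added example, not code from the original article: it flags mshta.exe launches whose arguments point at a local HTML file. The event field names (Sysmon Event ID 1 style), the file extensions checked, and all sample events are assumptions constructed for illustration.

```python
import ntpath
import re

# Constructed process-creation events (Sysmon Event ID 1 style); not real telemetry.
SAMPLE_EVENTS = [
    {"host": "ws01", "Image": r"C:\Windows\System32\mshta.exe",
     "CommandLine": r'"C:\Windows\System32\mshta.exe" "C:\Users\alice\Desktop\my note.hta"'},
    {"host": "ws02", "Image": r"C:\Windows\SysWOW64\mshta.exe",
     "CommandLine": r"mshta.exe C:\ProgramData\readme.html"},
    {"host": "ws03", "Image": r"C:\Windows\System32\notepad.exe",
     "CommandLine": r"notepad.exe C:\Users\bob\notes.html"},
    {"host": "ws04", "Image": r"C:\Windows\System32\mshta.exe",
     "CommandLine": r"mshta.exe"},
]

# Split a Windows command line into arguments, keeping quoted paths with spaces whole.
TOKEN = re.compile(r'"([^"]*)"|(\S+)')
# Drive-letter or UNC path, i.e. a file on disk or a share rather than a URL.
LOCAL_PATH = re.compile(r"^(?:[A-Za-z]:\\|\\\\)")
# Assumption: extensions treated as "an HTML file" for this hunt.
HTML_EXTENSIONS = (".hta", ".htm", ".html")


def split_args(command_line):
    """Return the argument list of a command line, with surrounding quotes removed."""
    return [quoted or bare for quoted, bare in TOKEN.findall(command_line)]


def local_html_args(event):
    """Return local HTML files passed to mshta.exe, or [] for any other process."""
    if ntpath.basename(event["Image"]).lower() != "mshta.exe":
        return []
    args = split_args(event["CommandLine"])[1:]  # drop the executable itself
    return [a for a in args
            if LOCAL_PATH.match(a) and a.lower().endswith(HTML_EXTENSIONS)]


def detect(events):
    """Return (host, files) for each event where mshta.exe opens a local HTML file."""
    hits = []
    for event in events:
        files = local_html_args(event)
        if files:
            hits.append((event["host"], files))
    return hits


if __name__ == "__main__":
    for host, files in detect(SAMPLE_EVENTS):
        print(f"{host}: mshta.exe opened {files}")
```

Legitimate software also uses mshta.exe, so a hit is a lead to correlate with other signs of encryption activity on the same host rather than a verdict on its own.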