Ransomware now attacks Microsoft Exchange servers with ProxyLogon exploits

Lawrence Abrams reports:

Threat actors are now installing a new ransomware called ‘DEARCRY’ after hacking into Microsoft Exchange servers using the recently disclosed ProxyLogon vulnerabilities.

Since Microsoft revealed earlier this month that threat actors were compromising Microsoft Exchange servers using new zero-day ProxyLogon vulnerabilities, a significant concern has been when threat actors would use it to deploy ransomware.

Unfortunately, tonight our fears became a reality, and threat actors are using the vulnerabilities to install the DearCry ransomware.

Read more on BleepingComputer.  See also related coverage by Catalin Cimpanu.

About the author: Dissent

Comments are closed.