Quote:Threat actors are distributing the Dharma Ransomware in a new spam campaign targeting Windows users in Italy.
The Dharma Ransomware has been active for many years and is based on another ransomware family called Crysis. It is not common, though, to see this ransomware family distributed through malspam as it is more commonly installed via hacked remote desktop services.
Security researchers JAMESWT, TG Soft, and reecDeep all noticed a new spam campaign today that is infecting users with the Ursniff keylogger or the Dharma Ransomware.
The spam emails use mail subjects like 'Fattura n. 637 del 14.01.20' and pretend to be a sent invoice.
Spam Email
![[Image: spam-email.jpg]](https://www.bleepstatic.com/images/news/ransomware/d/dharma/italy-malspam/spam-email.jpg)
Read more: https://www.bleepingcomputer.com/news/se...-campaign/
![[-]](https://www.geeks.fyi/images/collapse.png)
