27 April 2021 — 7 min read
DearCry ransomware exploits Exchange server vulnerability
DearCry ransomware uses the recently disclosed zero-day ProxyLogon vulnerabilities to hack into Microsoft Exchange servers. Its file encryption scheme leaves no chance of decryption without the correct key, and data overwriting techniques may complicate recovery. The first DearCry attack was discovered on March 9, 2021.