A new wave of attack campaigns are being launched by hackers that carry the dangerous Cerber ransomware virus, be extremely careful! Continue reading our guide to learn more about it and how to stay safe.
SpyHunter anti-malware tool will diagnose all current threats on the computer. By purchasing the full version, you will be able to remove all malware threats instantly. Additional information about SpyHunter / Help to uninstall SpyHunter
Cerber Ransomware Infections Continue To Spread
Computer hackers continue to spread the Cerber ransomware. Yesterday malware researchers spotted a new dangerous campaign using the RIG exploit kit which spreads the malware. As always there are several important factors that contribute to the intrusions:
As always the exploit kit infects primarily by targeting software vulnerabilities. All computer users should patch up their commonly used software and browser plugins. As you already know the Adobe Flash Player is one of the main causes of intrusions.
The other popular way of sending out Cerber ransomware samples is through email spam messages. Lately the virus has been distributed in messages that pose as legitimate important documents such as invoices, bank statements and other similar files. As they are esentially documents the hackers embed malicious macros in them that once activated deliver the dangerous payload to the victim computer.
There are several different Cerber versions and almost all of them cannot be decrypted using decrypters. This is why all computer users should invest in anti-spyware solutions that protect the system at all times.
The Cerber ransomware has proven to be one of the most proficient viruses that generate a very large amount of income for its criminal operators.
The virus has been used to attack medical and education institutions and succesful attacks have hindered critical operations. The virus has been noteworthy for infecting large databases and other important sources of information.
In a recent statement issued by Microsoft, the virus has been noted as a very serious danger to corporate networks. The corporation’s security experts note that hackers often employ sophisticated attacks against enterprise networks. Intrusion attempts and successful incidents have spiked over the recent holiday period and according to various yearly statistics this is one of the most prevalent ransomware families that target both individual users and businesses.
The recent attack used a combination of an embedded macro and a PowerShell script which downloads a copy of the virus to the local computer. Because of the severity of the ransomware Microsoft and other software vendors are constantly updating their definitions, blacklists and other counter measures to reduce the number of infections.
The Cerber ransomware has also become popular among hackers as a Ransomware-as-a-service (RaaS). Hackers buy prepackaged versions of the ransomware and they can modify its code base thus creating custom samples which are used against predefined targets. This is achieved by following this basic pattern:
The malicious users participates in the acquisition of the Cerber ransomware. This is done by going to the underground TOR hacker markets and buying a sample from the developers. Depending on the version and the market this can be achieved by paying a fixed sum or participating in an auction.
The next step is to set up relevant C&C malicious servers that are used to control the infected hosts.
The most important step is to effectively distribute the Cerber ransomware. According to the type of targets the hackers may opt to use different strategies.