Browsing tag
Romanian police have arrested five people in recent years, who were suspected of having infected tens of thousands of computers in Europe and the United States by two notorious ransomware families – Cerber ransomware and CTB Locker – spread. During the operation, “Bakovia” – one of the largest police operations in the world, which was […]
Security researchers have gained access to one of the servers used by the Cerber gang, from where they were able to extract basic statistics about their operation. A security researcher that only goes by the nickname of Racco42 discovered the vulnerability on Thursday, January 12. The issue affected only one Cerber server, not all, and […]
Just in time for the Christmas holiday shopping spree, the group behind the Cerber ransomware has launched a spam campaign that uses fake credit card reports to trick users into opening a Word file that under certain circumstances will download and install the deadly Cerber ransomware. Detected by the staff of the Microsoft Malware Protection […]
Late last week, a new version of Cerber Ransomware was released that included some new features. The most notable change is the switch from the static .Cerber3extension for encrypted files to a random 4 character extension, the use of a HTA file as the ransom note, and the termination of various database processes before encryption. With this version, when a victim’s […]
The start of a series This blog entry is the first in a new series featuring reports from Check Point SandBlast Agent Forensics. The concept is quite simple: we run a malware sample on a PC in our malware lab, with all protections turned off, and let SandBlast Forensics automatically analyze it. SandBlast Forensics identifies, […]
Short Bytes: The Cerber ransomware is here to lock down your important documents and force you to pay ransom in the form of bitcoins. This malware targets the Office 365 documents and even plays a creepy audio warning message demanding the ransom. The cyber criminals have found a new target in the form of Microsoft Office […]
Introduction Ransomware authors are in a constant state of innovation. Two weeks ago, Invincea discovereda version of Cerber that could not only hold a victim’s machine hostage, but also potentially be used as part of a Distributed Denial of Service attack. Keeping up a high rate of change and innovation is important for malware authors […]