Menu
Cerber ransomware sold as a service, speaks to victims

Cerber ransomware sold as a service, speaks to victims

Cerber has taken creepiness for victims and affordability for criminals to a new level

A new file-encrypting ransomware program called Cerber has taken creepiness for victims, but also affordability for criminals, to a new level.

In terms of functionality Cerber is not very different than other ransomware threats. It encrypts files with the strong AES-256 algorithm and targets dozens of file types, including documents, pictures, audio files, videos, archives and backups.

The program encrypts file contents and file names and changes the original extensions to .cerber. It can also scan for and encrypt available network shares even if they are not mapped to a drive letter in the computer.

Once the encryption process is done, Cerber will drop three files on the victim's desktop named "# DECRYPT MY FILES #." They contain the ransom demand and instructions on how to pay it. One of those files is in TXT format, one is HTML and the third contains a VBS (Visual Basic Scripting).

The VBS file is unusual. According to Lawrence Abrams, administrator of the technical support forum BleepingComputer.com, the file contains text-to-speech code that converts text into an audio message.

"When the above script is executed, your computer will speak a message stating that your computer's files were encrypted and will repeat itself numerous times," Abrams said in a blog post.

According to Cyber intelligence outfit SenseCy, Cerber's creators are selling the ransomware as a service on a private Russian-language forum. This makes it available to low-level criminals who might not have the coding skills or resources to create their own ransomware. It also means that this threat might see widespread distribution.

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Slideshows

IN PICTURES: Ingram Micro Innovation hits Auckland with Hewlett Packard Enterprise

IN PICTURES: Ingram Micro Innovation hits Auckland with Hewlett Packard Enterprise

Ingram Micro completed its nationwide roadshow in Auckland last month, kicking off its Innovation Hour series with Hewlett Packard Enterprise. Uncovering the latest in storage, networking and servers, the event outlined key market trends for resellers in 2016 and beyond.

IN PICTURES: Ingram Micro Innovation hits Auckland with Hewlett Packard Enterprise
IN PICTURES: FireEye celebrates channel at 2016 Partner Conference

IN PICTURES: FireEye celebrates channel at 2016 Partner Conference

FireEye welcomed 143 channel partners and distributors to FireEye's 2016 annual Partner Conference, FireEye A/NZ Momentum - held at Establishment in Sydney. Delegates heard from senior trans-Tasman channel leaders, marketing and the product divisions in the morning, with FireEye customers, incident responders and threat intelligence analysts sharing knowledge during the afternoon.

IN PICTURES: FireEye celebrates channel at 2016 Partner Conference
​IN PICTURES: Disruption in the data centre - Can the Kiwi channel capitalise?​

​IN PICTURES: Disruption in the data centre - Can the Kiwi channel capitalise?​

With New Zealand businesses now open to innovation, the industry sits on the cusp of significant disruption in the data centre. Driven by software-defined networking, the future of the data centre is fast becoming reality, as the channel seeks to keep up, keep innovating and keep growing. APC by Schneider Electric, Lenovo and key partners outlined how the channel can capitalise at The Grill restaurant in Auckland.

​IN PICTURES: Disruption in the data centre - Can the Kiwi channel capitalise?​
Show Comments