Cerber Crypto-Ransomware

Read me First

I have written about this ransomware for SCMagazineUK and I would like to provide a summary about this ransomware in this blog post.

You can read the complete article here 

Once again, security researchers tracked the distribution of  Cerber Crypto-Ransomware by email campaign.

This ransomware has been distributed earlier by

  • Email campaign ( with Macro-enabled Word document file attachment)
  • Exploit kits

 

What makes it different from the earlier distributions is the use of Windows Script Files (WSFs) inside a double zipped file attachment in the email send to the victims.

Attackers also provide a unsubscribe link in the email that redirects the victim to the same zipped file.

After the zipped file is downloaded and the WSF is executed, the ransomware will be downloaded and encrypt files on the victim’s system.

Encryption Capability

 

What is Windows Script File
share...Share on LinkedInTweet about this on TwitterBuffer this pageShare on FacebookShare on Google+Email this to someone