New ransomware after Encrypting User’s Data-Files Provides Audio Note of the Ransom

One fresh kind of ransomware has entered the Web first encrypting users' files in the usual manner and then in one twist, reading out the ransom message with the help of a text-to-speech (TTS) utility. The ransomware is called Cerber.

Early indications of Cerber attacks emerged past week. SenseCy a security company describes the malware as a result of certain Russian coders joined in a team for promoting the Cerber like one RaaS through illegal platforms for hacking within Russia.

The full form of RaaS is 'Ransomware-as-a-Service' which's one fresh business model that such malware operators profitably use. The service is a means to deliver ready-coded ransom malware that other criminals are let towards disseminating through their spear-phishing or spam runs. The actual criminals who write the codes collect one small percentage, however, solely after the victimized user completes the ransom payment.

Cerber has certain distinct features. One of them is to never use it in countries speaking Russian language. According to the security investigators, Cerber's code shows its creation was especially for eschewing infecting end-users within erstwhile Soviet nations.

Moreover, Cerber, prior to encrypting files, displays one error prompt that would dupe the end-user into rebooting his PC within Safe Mode first, followed with within Normal Mode again. Techworm.com posted this, March 8, 2016.

Thus the good thing about Cerber is that its development is for particularly infecting people in non-Russian speaking nations. Furthermore, when the computer operator is deceived into restarting his machine he can do so solely within "Safe Mode with Networking." Thereafter, the malware forcibly restarts the PC following which it begins the file encryption process utilizing the cryptography algorithm AES. Conversely, Cerber's undesirable issue is that it's presently non-decryptable. In this connection, once it encrypts an end-user's files, the malware then presents 3 files carrying notification of the ransom amount within three formats -HTML, VBS and text- within each folder which consists of the encrypted data. On viewing the VBS format, Cerber tells the victim about paying 1.24 Bitcoin (USD520) for retrieving the files, while denial will make the ransom amount two-fold with the passage of a week.

» SPAMfighter News - 3/14/2016