The Cerber 4 Iteration Tango: from Cerber Version 4.1.1 to 4.1.4 - How to, Technology and PC Security Forum | SensorsTechForum.com
CYBER NEWS

The Cerber 4 Iteration Tango: from Cerber Version 4.1.1 to 4.1.4

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

hercules-capturing-cerberus-myth
The mythological battle between Cerberus and Hercules quite a lot resembles the battle between cyber criminals and researchers. Whose side are you on?

The employment of SEO techniques in malware (and ransomware) distribution is not news. Blackhat SEO campaigns are often uncovered by security researchers. One of the latest such campaigns (disclosed by Malwarebytes) was redirecting users clicking on Google’s featured snippet links for a compromised Hungarian sports site, to a certain website offering license keys for Microsoft products.

Some of the users were tricked into purchasing stolen merchandise. However, users who clicked on the Hungarian website directly were redirected to the Neutrino exploit kit. The final stage of the operation was the CrypMIC ransomware.

This is the average blackhat SEO campaign that ends with malware delivery. However, this is not the only malware-related issue involving SEO that users should be aware of.

A new version of Cerber ransomware was just detected, an iteration of the fourth Cerber outlined as Cerber 4.1.4.

It appears that the ransomware operators skipped Cerber 4.1.2 and 4.1.3 and directly released the fourth edition. Nonetheless, if you google Cerber 4.1.3, you will see multiple websites which have covered the non-existent iteration of Cerber 4. For reasons beyond comprehension, Cerber 4.1.2 was bypassed by both sides – researchers and criminals. At the time this article is being written, no 4.1.2 information is available online – be it true or false.

ransomware-cyber-security-quote-stforum

Let’s get back to Cerber 4.1.4. The ransomware operators most likely noticed these websites (which may have published Cerber 4.1.3 articles for SEO purposes, or didn’t bother research the subject in depth) and decided to go straight ahead with releasing the 4.1.4 iteration.

It feels like there is a silent dialogue going on between ransomware operators and what is being published on the Internet. And it makes sense. Ransomware creators want to know how their ransomware is doing online. How famous it has become and what cyber security researchers are saying.

A serious, well-educated, self-respecting malware researcher would never publish something that hasn’t been supported by actual facts.

There is a certain responsibility that comes with the title “cyber security researcher”, as apparent by the Cerber 4.1.3 happening. Surely, the presumption that “there is going to be a next iteration of Cerber” is always there. Cerber is one of the most evolving ransomware families.

However, cyber security researchers shouldn’t encourage cyber criminals. They should do everything in their power to expose them, and should always seek ways to help victims of ransomware and cybercrime in general.

Avatar

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum for 4 years. Enjoys ‘Mr. Robot’ and fears ‘1984’. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles!

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...