Cerber: Ransomware-as-a-Service Now Has a Voice - How to, Technology and PC Security Forum | SensorsTechForum.com

Cerber: Ransomware-as-a-Service Now Has a Voice

ransomware-file-encryptionWe have already seen malware that speaks (literally). Fake tech support scam pages often implement voice-over messages. And it is easy to assume why. You would definitely feel panicked if your computer started repeating that all your personal information was in danger, wouldn’t you?

Well, it’s not your computer talking but cyber criminals who have invented another way to scare users.

In this line of thinking, it was just a matter of time before ransomware learnt to speak. Yes, security researchers at Trend Micro have come across a new type of ransomware that plays a voice-over message in a computer-generated voice:

“Attention! Your documents, photos, databases and other important files have been encrypted!”

This ransomware is dubbed Cerber, or RANSOM_CERBER.A.

What Should You Know about the Cerber Ransomware?

Actually, this is not the first speaking ransomware. In 2012, security experts disclosed Reveton, a police ransomware, that could also speak in the victim’s mother tongue.

Learn More about Reveton Ransomware

So, what’s really new with the Cerber threat? According to researchers, there’s no other ransomware that pushes users verbally into taking an action.

Researchers believe that Cerber’s audio message is only played in English. Nonetheless, once the victim clicks on the link via Tor browser, they will be redirected to a page prompting them to select a specific language. The landing page may appear to offer several languages but at the time of the research, only English worked properly.

The ransom demanded by the cyber criminals behind Cerber is 1.24 Bitcoins, or approximately $520. If not paid within the deadline, the ransom is set to jump to 2.48 Bitcoins in a week.

The Cerber Ransomware Is an Example of the Ransomware-as-a-Service Model

Another interesting discovery is that Cerber has a configuration file in a specific file format – .json. This format is usually deployed to transmit and store data defined in attribute-value pairs. Basically, Cerber can be customized easily, thus enabling the cybercriminal to modify the following:

  • The ransom message;
  • The list of targeted extensions.

Also, the ransomware can be adjusted to blacklist countries. All these features prove that Cerber was created to be sold on the malware market and is yet another example of the ransomware-as-a-service model.

Currently, Cerber seems to be offered in the Russian underground market.

As for its distribution methods, Cerber is spread via the Nuclear exploit kit in aggressive malvertising campaigns.

Learn More about Nuclear EK

And remember that various ransomware threats are currently circling around the Web. To avoid becoming a victim of ransomware, keep those tips in mind at all times:

  • Update your software;
  • Update your browser;
  • Update your anti-virus program;
  • Use an external firewall;
  • Employ anti-spam protection.

For more technical information, visit our Cerber removal article.

Spy Hunter scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool.Find Out More About SpyHunter Anti-Malware Tool / How to Uninstall SpyHunter

Milena Dimitrova

An inspired writer, focused on user privacy and malicious software. Enjoys 'Mr. Robot' and fears '1984'.

More Posts - Website

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.