Reading: Cerber Ransomware Offered As-a-service By Internet Criminals


Cerber Ransomware Offered As-a-service By Internet Criminals

Jp Buntinx · @ | May 30, 2016 | 08:45

Bitcoinist_Ransomware-as-a-service Bitcoin

Cerber Ransomware Offered As-a-service By Internet Criminals

Jp Buntinx · @ | May 30, 2016 | 08:45

Bitcoin ransomware keeps evolving, as developers want to do everything they can to outsmart security researchers. Cerber, one of the most potent forms of malware, is being offered on a ransom-as-a-service basis right now. But that is not the only new aspect about this strain of ransomware.

The distribution method of Cerber has changed as well. Up until this point, this malware used to spread itself via macro-enabled Word documents. That model has undergone some changes too, as Windows Script Files are now being utilized for this particular purpose.

Key Changes For Cerber Ransomware

Bitcoinist_Ransomware-as-a-service Cerber

Using Windows Script Files is a noteworthy trend, as these files are executable with the Windows wscript.exe utility. Moreover, they can contain a script from any Windows Script compatible scripting engine. This makes it rather hard to distinguish between genuine and malicious code, and security researchers have their work cut out for them in this regard.

Ransomware-as-a-service is a particularly worrying development in the world of malware and cryptocurrency. Cerber, and many other types of ransomware like it, demand users to pay a fee in Bitcoin if they want to regain access to their files.Now that some criminals resort to spreading this software as a service, it is not unlikely the number of attacks will increase over the next few months.

Getting rid of the Cerber ransomware is even more challenging than with other types of malware since there is no communication with a command and control server involved. But that does not mean the software is without flaws, as one security researcher mentioned there are weaknesses in the encryption. If this is the case, security experts could exploit this vulnerability to create a free decryption solution.

That being said, the same security researcher noted how Cerber ransomware seems to be primarily targeting UK consumers. There does not seem to be a clear indication as to why this would be the case, but the researcher expects this situation to change over time.

What are your thoughts on Cerber being distributed as a service? Let us know in the comments below!

Source: Deep Dot Web

Images courtesy of Shutterstock, Sures Hot Software

Show comments