HackRead

Cerber Ransomware Infecting Devices by Exploiting Flaws in Web Browsers

December 24th, 2016 | Uzair Amir | Security, Malware

A fresh campaign circulating on the web is spreading Cerber ransomware. The campaign is quite dangerous because it tends to infect a large number of systems.

Andra Zaharia, a member of the Heimdal Security research team, states that this ransomware campaign affects not just individual internet users but also enterprises. The research further reveals that Cerber has started “targeting companies’ databases to maximize profits from the ransom, so this is another reason to take additional precautions.”

With this fresh campaign, cyber-criminals are trying to exploit weaknesses in mainstream browsers and browser software such as Internet Explorer, Edge, Silverlight and Flash Player.

The campaign starts by infecting genuine websites with an injected malicious script, which is actually the Nemucod generic malware downloader. The script then redirects traffic to a Cerber gateway called Pseudo DarkLeech, a kind of malware infection that adds a strong obfuscation layer so that detection can be avoided. Nemucod is used in this campaign because it can easily run Cerber ransomware. Nemucod was recently used in another campaign in which hackers used images on Facebook Messenger to drop Locky ransomware. However, it was first identified in December 2015 as a “Trojan downloader.”

What makes this campaign different from other ransomware campaigns is that this time cyber-criminals have incorporated several types of malware in a single attack. This is why researchers are referring to the campaign as a malware cocktail of sorts.

This cocktail includes Nemucod, DarkLeech and Cerber, and the sole purpose of using so many infections at one time is to avoid detection by anti-virus software. The attackers' aim is to make the infection persist until the encryption of the data on the victim’s computer is complete and a ransom can be demanded. When data encryption is complete, the victim is asked to pay the ransom, which ranges from 1.24 BTC (bitcoins) to 2.48 BTC, equivalent to $1,068 to $2,136 as per the latest BTC rates.

Pseudo DarkLeech, for its part, makes use of hidden iframe injections and randomizes elements to let the malware operate without being detected. Cerber, a professionally coded, sophisticated ransomware, was identified in March 2016 and offers customization options. Just like Locky ransomware, Cerber also has access to the Dridex spam network. This means it can be “pushed out quickly in large spam campaigns,” states Zaharia.
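
The hidden-iframe injection into legitimate sites described above can be checked for from the site owner's side. The following is an added example, not code from the article or from Heimdal: it parses a page and reports off-site iframes that are hidden, tiny, or nested inside a hidden container. The heuristics, the function and class names, and the sample hosts are assumptions.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Heuristics are assumptions for this example, not signatures from the article.
HIDDEN = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden|(left|top)\s*:\s*-\d{3,}px", re.I)
TINY = {"0", "1", "0px", "1px"}
VOID = {"br", "img", "input", "meta", "link", "hr"}  # tags that never get a closer


class HiddenIframeFinder(HTMLParser):
    def __init__(self, site_host):
        super().__init__()
        self.site_host = site_host.lower()
        self.stack, self.findings = [], []  # stack holds (tag, is_hidden) per open element

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        hidden = bool(HIDDEN.search(a.get("style", "")))
        host = (urlparse(a.get("src", "")).hostname or "").lower()
        same_site = host == self.site_host or host.endswith("." + self.site_host)
        if tag == "iframe" and host and not same_site:
            checks = [("hidden-style", hidden),
                      ("hidden-ancestor", any(h for _, h in self.stack)),
                      ("tiny-size", bool({a.get("width", "").strip(), a.get("height", "").strip()} & TINY))]
            reasons = [name for name, hit in checks if hit]
            if reasons:
                self.findings.append({"line": self.getpos()[0], "host": host, "reasons": reasons})
        if tag not in VOID:
            self.stack.append((tag, hidden))

    def handle_endtag(self, tag):
        open_tags = [t for t, _ in self.stack]
        if tag in open_tags:  # pop back to the matching opener, ignore stray closers
            del self.stack[len(open_tags) - 1 - open_tags[::-1].index(tag):]


def find_hidden_iframes(html, site_host):
    finder = HiddenIframeFinder(site_host)
    finder.feed(html)
    return finder.findings


# Constructed sample page for a site hosted at "shop.example"; all hosts are placeholders.
SAMPLE = """<iframe src="https://player.example.org/v/1" width="560" height="315"></iframe>
<iframe src="/local/widget.html" style="display:none"></iframe>
<span style="position:absolute; top:-1184px; width:300px">
<iframe src="http://gate.example.net/?q=abc" width="250" height="250"></iframe></span>
<iframe src="http://cdn.example.net/x" width="1" height="1"></iframe>"""
```

Running `find_hidden_iframes(SAMPLE, "shop.example")` over rendered pages or server-side templates on a schedule gives a list of frames to review; a visible third-party embed and a hidden same-site frame are both left out.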

Cerber ransomware was actually discovered about three months ago. The dangerous features of this ransomware include encrypting files and killing database server processes.

To keep yourself protected from this and other ransomware attacks, never download files from an unknown email and always keep a backup of your data. If you are already infected with ransomware, contact ‘No More Ransom,’ an anti-ransomware portal that recovers encrypted data for free. Until now, the portal has saved 2500 ransomware victims, saving 1.3 million Euros.
