Cerber, a new and highly oppressive ransomware, is now making the rounds online, and it is cutting a huge swath of destruction.
In 2016, the FBI estimated that ransomware victims shelled out roughly $1 billion to free their hostage files. One of the most prominent strains was the Locky malware. Not long ago, the online world was rocked by its malevolence. Locky encrypts data inside your C: drive and then demands a ransom fee to the tune of about $300 or more. Refuse to pay and you might not get your important files back. And if you are logged in as a domain administrator, Locky will hold more files hostage. Needless to say, this malicious program was a serious threat, and many started calling it the king of ransomware.
That was in 2016. Now, a new threat has emerged. It is considered to be meaner and it spreads like wildfire. Cerber is hailed as the current king of ransomware, and its reign is filled with threats and extortion.
What is Cerber?
In the first quarter of 2017 alone, Cerber is already responsible for about 90% of ransomware attacks on Windows users. In contrast, at this point in time, Locky was estimated to be responsible for just 2% of attacks.
Cerber is considered to be a RaaS type of malware – Ransomware as a Service. This contributes to its virulence and ability to fool people into letting it infect their computer systems. As a RaaS program, it can be activated by just about anyone, even if they are not that good with computers.
Even worse, Cerber is traded on the Dark Web, a part of the internet populated by malicious individuals and criminals. Hackers code their own versions of Cerber and then sell the program to lawbreakers willing to pay the price. The buyers then use the program to victimize unsuspecting online users. They can set the payment deadlines and the amount they want to extort from their victims.
Once a victim pays up, the hacker who coded the malware gets a cut of the ransom fee. Overall, it’s quite a profitable business for unscrupulous individuals.
Why Do People Get Fooled by Cerber?
This ransomware is spread via a phishing email, which is an email that looks like a legitimate one from someone you trust. It will contain a link that looks so innocent that most people won’t think twice about clicking on it. Most likely this link will appear to lead to the popular cloud storage website, Dropbox.
However, that link is not part of Dropbox. If you click on it, the Cerber program will automatically download to your device, causing damage.
How Damaging Is It?
Once the Cerber ransomware is in your system, it will quickly encrypt files on your device. These could be your photos, work files, and other important documents. It will lock away .doc, .jpg, .avi, and other types of files. You will know that a file has been compromised when its extension shows “.cerber”, “.cerber2”, “.cerber3”, or something similar. You might also see random file extensions, such as “.a37b”, “.ba99”, “.a563”, etc.
You will then be shown a threatening message detailing the ransom fee you need to pay and when to pay it. The usual time frame given is seven days.
Earlier versions of the program will change your desktop wallpaper to a gray background, containing the text, “Your documents, photos, databases, and other important files have been encrypted…If you understand all importance of the situation then we propose to you to go directly to your personal page where you will receive the complete instructions and guarantees to restore your files.” You will then be given the link to your “personal page”.
Newer versions now highlight that text in red for a more alarming effect. You might also see a box at the bottom notifying you that Cerber Ransomware has infiltrated your device.
The ransom fees demanded vary. Some programs will demand bitcoins worth $400, $500, or more. Victims are often further threatened that if they do not pay up, the fee will double after seven days. If you refuse to budge, your files could disappear forever.
The cruelty does not stop there. Some Cerber versions actually delete your files the moment they infect your computer. They will still threaten you to pay up. If you do, you will find out only too late that your files have disappeared. The hackers will get your money and you still end up with a wiped-out system.
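The file extensions listed earlier in this section can be turned into a quick triage check over a file listing. This is an added example, not code from the original article; treating the "random" extensions as four hexadecimal characters is an assumption drawn from the three examples given, and the clustering threshold and sample listing are constructed.

```python
import re
from collections import Counter
from pathlib import PurePath

# Extensions named on this page: .cerber, .cerber2, .cerber3 "or something similar".
NAMED = re.compile(r"^\.cerber\d*$", re.IGNORECASE)
# Assumption: the "random" extensions are four hex characters, as in the
# page's examples .a37b, .ba99 and .a563.
RANDOM4 = re.compile(r"^\.[0-9a-f]{4}$", re.IGNORECASE)


def triage(paths, min_cluster=3):
    """Return {path: reason} for files whose extension matches the indicators.

    A named .cerber* extension is flagged on its own. A four-hex-character
    extension is flagged only when at least min_cluster files in the same
    directory share it, which keeps a lone legitimate file from alerting.
    """
    paths = [PurePath(p) for p in paths]
    clusters = Counter((p.parent, p.suffix.lower()) for p in paths
                       if RANDOM4.match(p.suffix))
    hits = {}
    for p in paths:
        ext = p.suffix.lower()
        if NAMED.match(ext):
            hits[str(p)] = "named Cerber extension " + ext
        elif RANDOM4.match(ext) and clusters[(p.parent, ext)] >= min_cluster:
            hits[str(p)] = f"{clusters[(p.parent, ext)]} files share {ext}"
    return hits


# Constructed listing for illustration (not taken from a real incident).
SAMPLE = [
    "docs/report.doc", "docs/budget.cerber3", "fonts/logo.face",
    "photos/a1.ba99", "photos/b2.ba99", "photos/c3.ba99", "photos/keep.jpg",
]

if __name__ == "__main__":
    for path, reason in triage(SAMPLE).items():
        print(f"{path}: {reason}")
```

To scan a real folder, pass `pathlib.Path(root).rglob("*")` as `paths`.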
How to Prevent Being Infected by Ransomware?
Be it Cerber or any other ransomware, prevention is better than cure. It is better to avoid being infected at all than to suffer through the pain brought on by the malware. It is best not to lose money as well.
So, how do you protect your computer from ransomware? These steps are essential:
- Do not open suspicious emails. Make use of email defenders as well, such as anti-virus extensions.
- Be wary of links in emails, even those from senders you know. It is best to scan them with anti-virus software first. They could be malware programs masquerading as innocent URLs.
- Use strong anti-virus software for your whole system.
- Back up your important files. In the event that they do get encrypted and held hostage, you can simply ignore the threat because you have the backup.
- The authorities also advise that you don’t pay up when threatened by ransomware.
- If you know the sender of the phishing email, you might want to contact them and inform them that their accounts have been compromised.
What to Do When Affected by Ransomware?
If you weren’t able to avoid Cerber (or other ransomware), one of the best things to do is to resort to your backups. You can also make use of decryptor tools provided by reliable sources.
Another option is to contact tech support professionals for assistance. They can take a look at your device and can execute the right solutions.
All in all, there is no guarantee that you will recover your files from Cerber or any ransomware. Be vigilant always and make sure to implement necessary safety precautions when using your email and the internet.