Cerber ransomware delivers a secondary payload

Vitus White
Last updated: 13 October

As if ransomware weren’t bad enough, now it’s metastasizing: not just spreading rapidly but even picking up secondary characteristics. Take Cerber, ransomware first spotted in the wild back in February 2016.

At the time, Cerber was best known for being somewhat spooky — instead of merely flashing an ominous message at victims, Cerber delivered its ransom “note” verbally as well. Still, it was a standard modus operandi: Give us money and we’ll give you back your files.

Second payload

Now, Cerber and other Trojans encrypt the data of their victims, and most computer users haven’t a clue how to handle it. Sounds like a great diversionary tactic, doesn’t it?

It seems Cerber distributors agree. Some updated versions of the malware — which, aided by sophisticated delivery methods, has positively exploded in recent months — arrive with a second payload. The bonus gift in this case is one designed to add your computer to a malicious botnet army.

Briefly, here is the sequence of events. First, Cerber arrives in the form of an e-mail attachment. Once executed, the virus behaves like any other ransomware, encrypting files and demanding money for their safe return. But then, security researchers are finding, it confirms the computer’s Internet connection and begins using the infected PC for other purposes, such as for a distributed denial-of-service (DDoS) attack or as a spambot.

#Cerber ransomware on the rise, fueled by #Dridex botnets via @threatpost https://t.co/GBEdClImo3 pic.twitter.com/cP3ySzx2z8

— Kaspersky Lab (@kaspersky) May 16, 2016

Multipurpose malware on the rise

“Cerber” is actually an apt name for malware that is part of this multipayload trend. Like Cerberus, the three-headed dog of Greek mythology, it is neither simple nor straightforward to vanquish — and that makes the approach attractive to cybercriminals.

Cerber is not the first ransomware we’ve seen in 2016 to add an extra payload, either. For example, Petya, ransomware that encrypted victims’ entire hard drive but required users to grant it permission first, added Mischa to its installation routine to guarantee infection. And CryptXXX added the ability to steal information and bitcoins to its otherwise normal ransomware payload.

Caught with #CryptXXX #Ransomware? Our tool can unlock your files without paying. https://t.co/8iRG44Ylui #infosec pic.twitter.com/uTHYa7QaEl

— Kaspersky Lab (@kaspersky) April 26, 2016

Ransomware is crime that pays, and pays well. Expect that Cerber is at the head, not the tail, of this trend of multifarious ransomware viruses. Stay informed and protected to maximize your odds of staying safe.

Avoiding Cerber

Malware such as Cerber continues to be delivered in ways that make it fairly easily avoidable. To minimize your chances of falling victim to Cerber — and minimize the damage in case you do encounter it:

  1. Be wary of all emails. Never click on a link in a message that is obviously spam, but also avoid clicking through in what looks like a legitimate business email or even a message that appears to be from someone you know and trust.
  2. Back up your files. Back them up again, and back them up regularly.
  3. Apply operating system and application patches as soon as they become available. Like spam links, unpatched exploits are a hugely popular point of entry for malware.
  4. Run a security solution, like Kaspersky Internet Security — all of the time — and keep it up to date. You need protection on all connected devices, too. Kaspersky Lab solutions detect Cerber as Trojan-Ransom.Win32.Zerber.

Source: kaspersky.com

TAGGED: Malware, PoC, RC4, Security, Split tunneling, Threats
Vitus White October 13, 2022 September 30, 2019