Bitcoin Ransomware Education – Cerber

Unfortunately, there seems to be no end in sight to the number of different types of Bitcoin ransomware in existence. Several new types have popped up in recent months, and Cerber seems to be one of the most destructive ones in circulation right now.

Also read: Three More Online Gambling Platforms Now Accept Bitcoin

Cerber Is Another Mythological Creature

TheMerkle_Cerber Malware Bitcoin Ransomware

People who have been paying close attention to the Bitcoin ransomware ecosystem may have noticed how some of these strains carry the name of mythological creatures. Cerber is no different in that regard, but that is the least of concerns people should have. Obtaining this type of Bitcoin ransomware can be done through Russian underground forums, although no information was released as to how much one would pay for this toolset.

What makes Cerber a very annoying type of Bitcoin ransomware is how the software can encrypt files even when the computer’s Internet access is cut off. There does not seem to be a centralized c&c server involved in the process, which means shutting down the Internet connection is no solution.

As is the case with any Bitcoin ransomware, file encryption can be a pain in the rear to bypass. So far, security researchers have been unable to determine any form of a pattern where Cerber is concerned. Moreover, the content of all encrypted files is different in every case. Making it that much harder to break the code without paying the ransom.

An interesting thing to point out is how Cerber will display its ransom payment instructions in English only. Although this is the language of the Internet, some forms of ransomware use different languages to affect as many users as possible. The web page users need to access to complete the payment, however, does offer multilingual support.

In most cases, the Cerber ransom fee is set at US$520, or its equivalent in Bitcoin at that time. There is a countdown clock on the web page, which will lead to a price increase if the payment is not made within the appropriate seven-day timeframe. At the time of publication, there was no solution available to bypass infection with Cerber. One thing is clear, though, as the designers of this ransomware are not new to the malware game.

Source: Malwarebytes

Images credit 1,2

If you liked this article follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin and altcoin price analysis and the latest cryptocurrency news.

Leave a Reply