Categories: NewsSecurity

Cerber Ransomware Rebrands to CRBR Encryptor

The Cerber ransomware is no more. The ransomware itself is still active, but now goes by a different name. As of last week, the malicious tool has rebranded to CRBR. Developers may be trying to confuse security researchers countering its efforts. It is not a new cyber threat, so current protection and countermeasures should hold up to it.

A New Name for Cerbere But Identical Inner Workings

Even ransomware developers have to properly evaluate their business model. As we so often see in the technology sector, a rebranding can revitalize a business. Cerber has never suffered from a lack of popularity. However, the developers felt now is a good time to rebrand to CRBR Encryptor. The new cover does not mean this malware threat is more potent than before, since it is literally the same programming.

The main thing to remember is how Cerber will always remain Cerber, regardless of what it is officially called by its developers. This rebranding effort does not introduce any new changes under the hood. We have seen multiple malware threats this year so far, and a more potent Cerber is not on anyone’s wish list right now.

It appears the rebranded Cerber is actively distributed through a few dedicated campaigns currently. The

Related Post
MagnitudeEK exploit kit seems to be the main source of distribution for the time being. Malicious individuals can install CRBR ENCRYPTOR by taking advantage of an exploit to attack vulnerable systems. A new spam email campaign is making the rounds, which is distributing the malware in the form of an email attachment.

Researchers believe other methods of distribution may also be in effect, although they have yet to be analyzed fully. We know it is the same Cerber as before when we look at how it encrypts files. This is both good and bad news, as system administrators still detest Cerber. The most annoying part is how CRBR ENCRYPTOR will still scramble file names. It is far from the worst part of this ransomware, but still annoying.

On the payment front, very little has changed. Victims are redirected to a Tor-based website where they need to make a 0.5 BTC payment. Failing to do so will increase the price to 1 Bitcoin after five days. This is just a repackaged version of one of the most annoying ransomware types in history. The bigger question is what the developers hope to achieve by switching the name to CRBR ENCRYPTOR, as it offers no obvious advantages.

Contrary to what most people would have expected, this is not a different type of malware, nor it is a copy-paste project. It is the official Cerber ransomware as we have seen so many times. This is a very strange decision by the ransomware developers, as there appears to be no good reason to have done it. Even the new name is not all that different from Cerber.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

Best Altcoins to Invest in Today: Qubetics Sets the Stage for Blockchain’s Future as Bitcoin Hits $108K and Litecoin Soars

The cryptocurrency world has always been a hotbed of innovation, attracting both seasoned investors and…

4 hours ago

Dogecoin Millionaire Predicts This Undervalued Altcoin Could Match DOGE’s 2021 Gains

Dogecoin's 2021 rally was a historic one, turning ordinary investors into overnight millionaires. This magnificent…

4 hours ago

Qubetics Presale Skyrockets to $7.5M as XRP and Arbitrum Lead Best Altcoins for Exponential Returns

The crypto market is always evolving, with big names like Bitcoin and Ethereum leading the…

5 hours ago

Over 300K Users Actively Mine Crypto On BlockDAG’s X1 Miner App While BNB Bulls Eye $3K; What’s XRP’s Price Target?

The crypto market is ablaze with excitement as altcoins like XRP and BNB make major…

5 hours ago

Best Crypto Presale To Buy Now: Rollblock Delivers For Holders With New License, Record Sign Ups and 7000+ Games

Rollblock is quickly becoming the best crypto presale to buy, delivering unmatched value for its…

9 hours ago

Polkadot And Uniswap Gearing For Post-Christmas Jump As Rollblock Raises $7.4 Million in Presale

While Rollblock's continues its crypto presale, with its value increasing regularly, Polkadot (DOT) and Uniswap…

10 hours ago