After a relatively calm period, the researchers at Microsoft are warning that the ransomware known as Cerber has resurfaced stronger than ever. The target audience? Holiday and post-holiday shoppers. It also targets the data files of enterprise businesses.
Most of us are a little more aware of the need for cyber security during the holidays, but the need is equally important after the holidays! The Malware Protection Center at Microsoft has reported that the cyber attackers have amped up their game during this post-holiday season. One reason is the number of online shoppers looking for great deals after Christmas.
Top security researchers are now aware of a couple of new campaigns and spam that pinpoints all the consumer transaction during the post-holiday season. Cerber ransomware is constantly changing, causing user files to be encrypted while holding them for ransom. Just in the last several weeks the authors of Cerber ransomware are now attacking critical applications of major business files.
The newest version of this ransomware has been programmed to target the database files of Microsoft Acess, Oracle and MySQL. It’s not unusual for these files to be shut down as they are encrypted by malware.
As with so many other viruses, attackers are going straight for your inbox and flooding them with malicious links and downloadable attachments. As soon as you click on the link, the virus moves in, installing the ransomware. What’s worse is that it creates what looks like zip files that are password protected. The body of the email often contains the password, making this another huge red flag for malware. It usually states that order and delivery details are in the email.
Vulnerabilities found in previous Adobe Flash websites can also be used to exploit Cerber. If a person happens to be on this site, they will unknowingly download the malware to their computer. What’s more, any information on the version of Cerber ransomware has been scrubbed, which makes it even harder to track.
Unfortunately, an even wider net has been cast by Cerber and it’s now targeting dozens more types of files. Executing .exe, .cmd, and .msi files is now happening for the first time with Cerber ransomware.
Cyber criminals have to constantly be changing and updating their versions of ransomware in order to go undetected by antivirus software programs. Ramping up the malware complexities tells us how determined these criminals are to destroy and attack your personal files. Don’t become a victim—never click on unfamiliar links in your email! Use common sense and close out any ads or emails with suspicious links.
For more information on cyber criminals and how to stay safe from ransomware, call Tech Sentries today! (843) 282-2222.