Threat Management, Malware, Ransomware, Threat Management

Cerber 4.0 spotted in EKs just a month after 3.0 release

Trend Micro researchers spotted several exploit kits delivering Cerber 4.0 ransomware just a month after the release of version 3.

The upgraded malware includes a shift in the ransom note's formation from html to .hta and the authors are now generating a random string as the new file extension for each infection, according to an Oct. 12 blog post.

Researchers also spotted three malvertising campaigns and a compromised site delivering the ransomware.

The campaigns included a continuously changing campaign named PseudoDarkleech which mostly delivers ransomware through compromised sites, a campaign that employs the Magnitude exploit kit and targets countries in Asia, a campaign which typically employs a casino-themed fake advertisement, and a campaign that distributs malware in the US, Germany, Spain, Taiwan and Korea.

Researchers recommend users keep three copies of their data, two on two separate devices and one stored in a secure location to mitigate tactics.    

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.