Jump to content
Login new information ×
Login new information
Donations campaign phase one 2024

Cerber Ransomware Gets Pushed in Blank Slate Campaign

CrAKeN

By CrAKeN
in Security & Privacy News

Recommended Posts

CrAKeN

CrAKeN

Posted
Posted

cerber-ransomware-gets-pushed-in-blank-s

 

New blank slate campaign runs Cerber

 

A new campaign pushing Cerber ransomware has been spotted into the wild, titled "Blank Slate." 

 

According to the folks over at the SANS Internet Storm Center, it was titled Blank Slate because, as you probably expect, the emails have no message text and there's nothing there to indicate what the attachments are. The subject line and attachment names are vague and consist of random numbers, which is how we all title most of our files.

 

The file attachments getting sent in this campaign are double-zipped, which means there's a zip archive whithin another zip archive, which is where you'll find the JavaScript file or a Microsoft Word document infected with Cerber. For the JavaScript file you'll simply have to double-click it, while for the Word document, you'll have to enable macros.

 

The Blank Slate campaign has been used before with other types of ransomware, but this time around Cerber has been the most prevalent one.

 

Up goes the ransom


Cerber is a ransomware that will encrypt documents, photos, databases and other important files on your computer. In order to get the decryption key, victims are usually told to pay a ransom of $500. An interesting part about this particular ransom is that the amount of Bitcoin requested by the attacker will always reflect $500, regardless of the Bitcoin quotation. Up until this week, that is, when the ransom suddenly hiked up to 1 Bitcoin.

 

As always, you should pay extra attention to any email landing in your inbox. Do not click on any that you find suspicious. In this case, an email from a person you don't know, without any kind of text and a nameless attachment should trigger at least some warning bells. As Brad Duncan from the SANS Internet Storm Center notes, how successful can such campaigns be? Potential victims must open an attachment from a blank email, unzip twice, and doubleclick on a file, or, in the case of the Word attachment, enable macros, which Microsoft advises against.

 

Source

Link to comment
Share on other sites
  • Views 292
  • Created
  • Last Reply

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...