Cerber Ransomware Speaks About Its Encryption, Demands USD 500 in Bitcoins

Posted by Gordon Serlikis
Apr 15, 2016

In a way, Cerber ransomware is true to its ancient name. Greek myth tells of Cerberus, a ridiculous dog of many heads that prevents the dead from leaving the underworld. Likewise, the infection of the same name keeps your data in the encrypted world, so that no one and nothing can properly read it.

To render the data readable, a victim is prompted to pay. This strain of malware has gained particular notoriety for its voice message. Once the malicious scrambling completes, the rogue executes its media file. The voice message states that all your documents etc. have been encrypted. It supplements the usual written ransom note, which is dropped into each folder containing affected files and onto the desktop. The written note provides more details, including a link to further instructions.

A victim is requested to download and install the Tor browser. The note instructs users to enter a specific address in that browser. The decryption page then loads; it is an interface controlled by the crooks behind the Cerber ransom virus. Available in twelve languages, the service basically scares its visitors into paying an amount starting from USD 500. The amount is payable in bitcoins.

Distribution of Cerber ransomware involves a number of actors. The trojan is offered on ransomware-as-a-service terms on certain Russian darknet forums. That is, a number of unrelated teams propagate the virus in the wild. They are free to choose a propagation method, as well as to adjust the ransomware's behavior. In most cases, they set the rogue to avoid running the decryption if the IP address of the affected PC is registered in certain countries, including Russia and some of its neighboring states.

Cerber ransomware applies an advanced encryption standard so that the data coding cannot be undone without the decryption key. It is this key that the ransom virus prompts its victims to buy. If you have been unfortunate enough to have your computer data scrambled by Cerber for ransom, please take into account that payment does not ensure the key is delivered, yet it gives the black hats further incentive to propagate the ransomware and come up with new strains. The best practice of computer safety is to remove the Cerber encryption virus while sticking to regular backups and ransom-free recovery options.
