Cerber Evolves Into V6
Posted by: Timothy Weaver on 05/03/2017 12:26 PM
[
Comments
]
Trend Micro has reported that a new iteration of the Cerber family of ransomware has been released as V6.
It was first discovered in March 2016 on a Russian underground marketplace. Its evolution is an attempt to become the "most prolific family of ransomware in the threat landscape."
The ransomware is available on the underground marketplace as a service and has netted the creators an estimate of as much as $200,000 in commission in one month last year.
The United States is the main target of the malware with it focusing on individuals as well as various sectors, including education, manufacturing, public sector, technology, healthcare, energy and transportation.
The malware defends itself with anti-sandbox and anti-AV strategies, but the main difference with this version is in its email. The attack employs an attachment consisting of a zipped attachment with a malicious JavaScript (JS) file.
Part of the payload is designed to wait two minutes in order to avoid detection by a sandbox.
"Cerber's evolution reflects the need for organizations and end-users to be aware of today's constantly evolving threats," the Trend Micro researchers concluded.
Source: SCMagazine
It was first discovered in March 2016 on a Russian underground marketplace. Its evolution is an attempt to become the "most prolific family of ransomware in the threat landscape."The ransomware is available on the underground marketplace as a service and has netted the creators an estimate of as much as $200,000 in commission in one month last year.
The United States is the main target of the malware with it focusing on individuals as well as various sectors, including education, manufacturing, public sector, technology, healthcare, energy and transportation.
The malware defends itself with anti-sandbox and anti-AV strategies, but the main difference with this version is in its email. The attack employs an attachment consisting of a zipped attachment with a malicious JavaScript (JS) file.
Part of the payload is designed to wait two minutes in order to avoid detection by a sandbox.
"Cerber's evolution reflects the need for organizations and end-users to be aware of today's constantly evolving threats," the Trend Micro researchers concluded.
Source: SCMagazine
Comments
