April 21, 2017

Report details the worrying rise and continued growth of Cerber based ransomware, but the almost total disappearance of Locky…

malwarebytesmalwarebytes                              Ignorance and indifference on the part of users is the biggest risk to cybersecurity

Misunderstanding and lack of knowledge puts users at serious risk.

So, yes, you can probably all guess what Malwarebytes big conclusion is already, and you’d be right. Because it’s the same one it seems to be no matter who’s doing the research; ignorance and indifference on the part of users is the biggest risk to cybersecurity. Seriously, people, take a moment and update your antivirus and then actually run it. If you don’t have any, we here at have several completely free versions you can download and use. It’s a few minutes out of your day. Just do it. We even have the one Malwarebytes do themselves. Yay!

But back to Malwarebytes, Cerber, and their Q1 report.

Ransomware, as you would probably expect, continues to be the big hitter as far as malware is concerned: While trojans and ad-fraud and all the others still exist, if you’re into malware in 2017, then ransomware is where cybercrime is at.
ransomware 300x166                                                     Ransomware as a percentage of all malware threats in Q1 2017

The Cerber family of ransomware is the current king, accounting for some 90% of all ransomware use in the first quarter of 2017. Locky, which hit the headlines for its continued use in 2016 is notable for the fact that it has almost dropped off the face of the earth.

Cerber continues to be a huge issue in the cybersecurity world. And why wouldn’t it be; it’s as impressive as it is scary. In all respects, Cerber is a superior form of ransomware and comes loaded with military grade encryption.

The real threat from the Cerber ransomware family however is the fact that anyone with just a small amount of technical knowledge, who can get their hands on it, can use it.

Cerber: Would you like fries with that?

One of the biggest issues facing antimalware vendors is the fact that Cerber can be customized as easily as it can be distributed.

After purchasing a base level version of Cerber, “options exist from other parts of the cybercrime marketplace that will distribute the malware through numerous means, ensuring the greatest amount of infection.”

Yes, that’s right, Cerber is in many respects, franchise malware where everyone involved gets paid. “Whenever someones pays the ransom, Cerber developers also get a cut of the ransom. You might recognize this process as being akin to an affiliate program used by advertisers.” It’s a shrewd and devilishly brilliant way to do business, if completely illegal and reprehensible.
cerber 300x207                     If you see this screen on your PC or Laptop, your week could be about to get a lot more expensive

Cerber also continues to evolve and adapt, and has recently started employing new tricks to try and stay ahead of cybersecurity companies. Trend Micro apparently discovered a new Cerber variant earlier this year that not only detects whether it is running in sandbox environments and virtual machines, but actively attempts to evade antivirus solutions using machine learning.

Ransomware evolves and adapts, but so does the security software that defends us.

As Malwarebytes concludes, we should all be thankful that Locky no longer seems to present the same threat it did in 2016, but that doesn’t mean it wont resurface in some new form in the future.

Cerber, however, is a different beast entirely. Cerber is currently overpowered and is being heavily distributed, and continues to grow and pose problems for cybersecurity vendors.

So update your software, run all your system updates, update your security software, use your security software. And be aware of what you’re doing on line.

News Courtesy