Cerber Ransomware: An International Franchise

Cerber Ransomware, considered by some experts as the largest ransomware-as-service scheme in the world, has developed into an international franchise.

Widely thought of originating from Russia, the ransomware giant had more than 160 campaigns in July of last year alone. These campaigns affected 150,000 users in 200 countries around the world. Estimates peg their profits at US $195,000 – with the top developer raking in about $78,000 of it.

Cerber also has been known to avoid users from Armenia, Azerbaijan, Belarus, Georgia, Kyrgyzstan, Kazakhstan, Moldova, Russia, Turkmenistan, Tajikistan, Ukraine, and Uzbekistan – members of the former Soviet Union.

Experts estimate Cerber authors and their affiliates make up to $2.5 million per year – up from around $1 million in 2015. At about $6000 per iteration of Cerber, authors and affiliates make up to more than 1425% in profits.

Intel’s Matthew Rosenquist said that ransomware’s “next evolution” would be chasing businesses. “Cerber attempts to stop database processes running on the target system so it can encrypt the data,” he added.

These campaigns have affected at least 150,000 users in 200 countries around the world – raking in upwards of $195,000 in ransom.

Cerber perpetrators shifted their focus from consumers to businesses that typically ran databases that kept important, private company data. When these files are open and applied on software, they cannot be easily encrypted.

Cerber ransomware also isn’t the first type of ransomware to target businesses. Reports have been published about ransomware types that target organisations in charge of safekeeping valuable data, demanding ransom amounts of tens of thousands of dollars in exchange for decryption keys.

System administrators must be on the lookout for databases that abruptly stop – this could be a warning sign that Cerber has infiltrated their system. Cerber-encrypted files are hard to recover without decryption keys, forcing infected users to pay up.

Cerber victims who cannot decrypt their ransomware-infected systems should try Trend Micro’s Ransomware File Decryptor – it is continually updated and compatible for both home and business users.

Comprehensive multi-device protection for you and your family for up to 6 PCs, Macs, Android, and iOS devices. For more info click here.

Share on social media:

Leave a Reply

Your email address will not be published. Required fields are marked *