What is Cerber ransomware
A new variant of Cerber ransomware is now targeting MS Office 365 email users, exploiting a zero-day vulnerability, using spam or phishing emails with attached malicious files.
As many other ransomware, Cerber encrypts user’s files and asks for a ransom to get the decryption key to recover the files. However, Cerber also uses the audio system of the host to play its ransom note. The ransomware demands 1.24 Bitcoin (more than 800 USD) in order to receive the encryption key.
These variants of Cerber ransomware infect the host computer being invoked by macros. It is a surprising fact that macro is still a infection vector. Macros, are a set of instructions that help to automate some tasks, dating back to 1990s. These commands can be used with malicious purposes, by a well known type of virus called macro virus.
This malware has been out in the wild since March 2016, although the variant targeting Office 365 was first spotted on June 22, while Microsoft started blocking it the day after. Microsoft Office 365 has more than 18 million users, although it remains unknown how many of them have been affected by this ransomware.
How to stay protected from Cerber ransomware
Microsoft Office 365 built-in security tools are not enough to protect you from these cyber attacks. There are some precautions you can follow to avoid being infected by this ransomware:
– Disable Macros in all Microsoft Office programs.
– Do not open emails from unknown sources. Do not ever open any attachment file, unless you are expecting it.
– Install an antivirus and keep it up-to date.
– Update your OS with the latest security patches.
– Backup your files regularly to minimize the loss in case of infection.
These good practices will not only protect you from this specific ransomware, but also from other ransomware and common threats in the wild. Install an antivirus and keep it up-to-date to detect when a threat is putting your computer at risk.