My Laptop got infected by a Virus that spoke to me, and there’s absolutely no remedy
Of all the crooked money-minting methods hackers use, the most common is ransomware. It's malware delivered via infected email attachments, hacked websites, etc. that encrypts the files on your computer and renders them useless. The
Cyber-criminals make millions of dollars from ransomware. Several organizations around the world have been badly hit by
My laptop recently got infected by one of the latest versions of this
Here’s what it does.
The malware encrypts users' files using AES encryption and demands that victims pay a ransom of 1.24 Bitcoins, or approximately $500 (Rs.33k).
It was silly of me to download and install what seemed to be an interesting piece of free software, and I sealed my fate. You’ve been warned.
Interestingly, I hear Cerber checks if the victim is from a particular country. If the computer appears to be from any of the following countries, it will terminate itself and not encrypt the computer.
Armenia, Azerbaijan, Belarus, Georgia, Kyrgyzstan, Kazakhstan, Moldova, Russia, Turkmenistan, Tajikistan, Ukraine, Uzbekistan
If the victim is not from one of the above countries, which I’m not, Cerber installs itself in the %AppData%\{2ED2A2FE-872C-D4A0-17AC-E301404F1CBA}\ folder and names itself after a random Windows executable. It restarts the computer soon after, and the ransomware begins wreaking havoc with my files, encrypting each document's filename and adding a .CERBER extension to it.
When encrypting your data, Cerber scans your drive letters for any files that match its list of over 50 file extensions. When it finds a match, it encrypts the file using AES-256 encryption, encrypts the file's name, and adds a .CERBER extension to it. So your file Office_Presentation.doc may be renamed as Zu0ITC4HoQ.cerber.
The worst is yet to come. Cerber creates 3 ransom notes on your desktop, and in every folder it has attacked. These files are called # DECRYPT MY FILES #.html, # DECRYPT MY FILES #.txt, and # DECRYPT MY FILES #.vbs. These ransom notes have threats and instructions on what has happened to your data, and every single one has links to the Tor decryption service where you can make the ransom payment and retrieve the decryptor.
At the end of each ransom note there’s this Latin quote:
Quod me non necat me fortiorem facit
- Cerber Ransom Note
In English, this translates to ‘That which does not kill me makes me stronger’. That made my blood boil.
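A triage sketch for the artefacts described above: the .CERBER extension, the three # DECRYPT MY FILES # notes, and an executable sitting in a GUID-named folder under %AppData%. This is an added example, not code from the original article; the function names, the assumption that the dropped binary ends in .exe, and the sample directory tree are constructed for illustration.

```python
import os
import re
import tempfile

# Indicators taken from the article's description of Cerber (compared case-insensitively).
RANSOM_NOTES = {"# decrypt my files #" + ext for ext in (".html", ".txt", ".vbs")}
ENCRYPTED_EXT = ".cerber"
# Folder named like {2ED2A2FE-872C-D4A0-17AC-E301404F1CBA}. Legitimate software also
# uses GUID-named folders, so a hit here is a lead to investigate, not a verdict.
GUID_DIR = re.compile(r"^\{[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}$")


def scan(root):
    """Walk root and return indicator type -> sorted list of paths relative to root."""
    hits = {"ransom_note": [], "encrypted_file": [], "guid_dir_exe": []}
    for dirpath, _dirs, files in os.walk(root):
        in_guid_dir = bool(GUID_DIR.match(os.path.basename(dirpath)))
        for name in files:
            rel = os.path.relpath(os.path.join(dirpath, name), root)
            lower = name.lower()
            if lower in RANSOM_NOTES:
                hits["ransom_note"].append(rel)
            elif lower.endswith(ENCRYPTED_EXT):
                hits["encrypted_file"].append(rel)
            elif in_guid_dir and lower.endswith(".exe"):  # assumption: dropped binary is .exe
                hits["guid_dir_exe"].append(rel)
    return {kind: sorted(paths) for kind, paths in hits.items()}


def build_sample_tree(root):
    """Create a constructed tree of empty placeholder files to exercise scan()."""
    layout = [
        "Documents/Zu0ITC4HoQ.cerber",
        "Documents/# DECRYPT MY FILES #.txt",
        "Documents/notes.txt",
        "AppData/Roaming/{2ED2A2FE-872C-D4A0-17AC-E301404F1CBA}/example.exe",
        "AppData/Roaming/Vendor/tool.exe",
    ]
    for rel in layout:
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "w").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for kind, paths in scan(tmp).items():
            print(kind, paths)
```

Point `scan()` at a user profile or a mounted disk image; ransom notes in many folders alongside .cerber files indicate how far encryption reached before the machine was isolated.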
Anyway, Cerber is more special than other ‘unsophisticated’ malware out there. The # DECRYPT MY FILES #.vbs file contains VBScript, which will cause the victim's computer to speak to them. You heard me right! My attacker spoke to me via an automated message that says this: