My Laptop got infected by a Virus that spoke to me, and there’s absolutely no remedy
Of all crooked money-minting methods hackers use, the most common is ransomware. It’s malware that’s delivered via infected email attachments, hacked websites, etc., and that encrypts files on your computer, rendering them useless. The
Cyber-criminals make millions of dollars from ransomware. Several organizations around the world have been badly hit by
My laptop recently got infected by one of the latest versions of this
Here’s what it does.
The malware encrypts users' files using AES encryption and demands that victims pay a ransom of 1.24 Bitcoins, or approximately $500 (Rs.33k).
It was silly of me to download and install what seemed to be an interesting piece of free software, and I sealed my fate. You’ve been warned.
Interestingly, I hear Cerber checks if the victim is from a particular country. If the computer appears to be from any of the following countries, it will terminate itself and not encrypt the computer.
Armenia, Azerbaijan, Belarus, Georgia, Kyrgyzstan, Kazakhstan, Moldova, Russia, Turkmenistan, Tajikistan, Ukraine, Uzbekistan
If the victim is not from one of the above countries, which I’m not, Cerber installs itself in the %AppData%\{2ED2A2FE-872C-D4A0-17AC-E301404F1CBA}\ folder and names itself after a random Windows executable. It restarts the computer soon after, and the ransomware begins wreaking havoc with my files, encrypting each document's filename and adding a .CERBER extension to it.
When encrypting your data, Cerber will scan your drive letters for any files that match its list of over 50 file extensions. When it finds a match, it encrypts the file using AES-256 encryption, encrypts the file's name, and adds a .CERBER extension to it. So your file Office_Presentation.doc may be renamed as Zu0ITC4HoQ.cerber.
The worst is yet to come. Cerber creates 3 ransom notes on your desktop, and in every folder it has attacked. These files are called # DECRYPT MY FILES #.html, # DECRYPT MY FILES #.txt, and # DECRYPT MY FILES #.vbs. These ransom notes have threats and instructions on what has happened to your data, and every single one has links to the Tor decryption service where you can make the ransom payment and retrieve the decryptor.
At the end of each ransom note there’s this Latin quote:
Quod me non necat me fortiorem facit
- Cerber Ransom Note
In English, this translates to ‘That which does not kill me makes me stronger’. That made my blood boil.
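The file names, extension and install folder described above are enough for a quick triage check of a disk or a backup. The script below is an added example, not part of the original article: the function names and the sample tree (empty placeholder files, including `placeholder.exe`) are constructed for illustration, and treating any brace-wrapped GUID folder that holds an .exe as suspect is an assumed heuristic generalized from the single folder name quoted above.

```python
import os
import re
import tempfile

# Indicators taken from the article text above (compared case-insensitively).
RANSOM_NOTES = {"# decrypt my files #.html", "# decrypt my files #.txt",
                "# decrypt my files #.vbs"}
ENCRYPTED_EXT = ".cerber"
# Heuristic (assumption): the install folder is a brace-wrapped GUID holding an .exe.
GUID_DIR = re.compile(r"^\{[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}$")

def scan_for_cerber(root):
    """Walk root and return the indicator hits, grouped by category."""
    report = {"ransom_notes": [], "encrypted_files": [], "suspect_install_dirs": []}
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            lower = name.lower()
            full = os.path.join(dirpath, name)
            if lower in RANSOM_NOTES:
                report["ransom_notes"].append(full)
            elif lower.endswith(ENCRYPTED_EXT):
                report["encrypted_files"].append(full)
        # Flag GUID-named folders that contain an executable.
        if GUID_DIR.match(os.path.basename(dirpath)) and any(
            f.lower().endswith(".exe") for f in filenames
        ):
            report["suspect_install_dirs"].append(dirpath)
    return report

def build_sample_tree(root):
    """Constructed sample data: empty files laid out as the article describes."""
    layout = [
        "Documents/Zu0ITC4HoQ.cerber",
        "Documents/# DECRYPT MY FILES #.html",
        "Documents/# DECRYPT MY FILES #.txt",
        "Documents/# DECRYPT MY FILES #.vbs",
        "Documents/notes.txt",  # clean file, must not be reported
        "AppData/{2ED2A2FE-872C-D4A0-17AC-E301404F1CBA}/placeholder.exe",
    ]
    for rel in layout:
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "w").close()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for kind, hits in scan_for_cerber(tmp).items():
            print(kind, len(hits))
```

Pointing `scan_for_cerber` at a mounted backup or a user profile shows which folders were touched, which helps decide what to restore from clean copies.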
Anyway, Cerber is more special than other ‘unsophisticated’ malware out there. The # DECRYPT MY FILES #.vbs file contains VBScript, which will cause the victim's computer to speak to them. You heard me right! My attacker spoke to me via an automated message that says this: