My Laptop got infected by a Virus that spoke to me, and there’s absolutely no remedy
Of all the crooked money-minting methods hackers use, the most common is ransomware. It’s malware that’s delivered via infected email attachments, hacked websites, etc., and that encrypts the files on your computer, rendering them useless. The
Cyber-criminals make millions of dollars from ransomware. Several organizations around the world have been badly hit by
My laptop recently got infected by one of the latest versions of this
Here’s what it does.
The malware encrypts users' files using AES encryption and demands that victims pay a ransom of 1.24 Bitcoins, or approximately $500 (Rs.33k).
It was silly of me to download and install what seemed an interesting free software, and I sealed my fate. You’ve been warned.
Interestingly, I hear Cerber checks if the victim is from a particular country. If the computer appears to be from any of the following countries, it will terminate itself and not encrypt the computer.
Armenia, Azerbaijan, Belarus, Georgia, Kyrgyzstan, Kazakhstan, Moldova, Russia, Turkmenistan, Tajikistan, Ukraine, Uzbekistan
If the victim is not from one of the above countries, which I’m not, Cerber installs itself in the %AppData%\{2ED2A2FE-872C-D4A0-17AC-E301404F1CBA}\ folder and names itself after a random Windows executable. It restarts the computer soon after, and the ransomware begins wreaking havoc with my files, encrypting each document's filename and adding a .CERBER extension to it.
When encrypting your data, Cerber scans your drive letters for any files that match its list of over 50 file extensions. When it finds a match, it encrypts the file using AES-256 encryption, encrypts the file's name, and adds a .CERBER extension to it. So your file Office_Presentation.doc may be renamed as Zu0ITC4HoQ.cerber.
The worst is yet to come. Cerber creates 3 ransom notes on your desktop, and in every folder it has attacked. These files are called # DECRYPT MY FILES #.html, # DECRYPT MY FILES #.txt, and # DECRYPT MY FILES #.vbs. These ransom notes have threats and instructions on what has happened to your data, and every single one has links to the Tor decryption service where you can make the ransom payment and retrieve the decryptor.
At the end of each ransom note there’s this Latin quote:
Quod me non necat me fortiorem facit
- Cerber Ransom Note
In English, this translates to ‘That which does not kill me makes me stronger’. That made my blood boil.
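The file-system traces described above (the three ransom notes, the .CERBER extension and the braced folder under %AppData%) can be swept for with a short script. This is an added example, not part of the original article; the GUID-shaped folder pattern, the function names and the sample tree it builds are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Indicators taken from the article text above.
RANSOM_NOTES = {f"# DECRYPT MY FILES #.{ext}" for ext in ("html", "txt", "vbs")}
ENCRYPTED_SUFFIX = ".cerber"
# Assumption: install folders share the braced GUID-style shape of the quoted name.
GUID_DIR = re.compile(r"^\{[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}$")


def scan(root):
    """Walk root and return the paths matching each indicator kind."""
    hits = {"ransom_notes": [], "encrypted_files": [], "guid_dir_executables": []}
    for path in (p for p in Path(root).rglob("*") if p.is_file()):
        name = path.name.lower()
        if path.name in RANSOM_NOTES:
            hits["ransom_notes"].append(path)
        elif name.endswith(ENCRYPTED_SUFFIX):
            hits["encrypted_files"].append(path)
        elif name.endswith(".exe") and GUID_DIR.match(path.parent.name):
            hits["guid_dir_executables"].append(path)
    return hits


def affected_folders(hits):
    """Folders holding notes or encrypted files, i.e. what to restore from backup."""
    kinds = ("ransom_notes", "encrypted_files")
    return sorted({p.parent for kind in kinds for p in hits[kind]})


def build_sample_tree(root):
    """Constructed sample layout (no real malware output) so the scan runs offline."""
    root = Path(root)
    docs, clean = root / "Documents", root / "Pictures"
    inst = root / "AppData" / "Roaming" / "{2ED2A2FE-872C-D4A0-17AC-E301404F1CBA}"
    for folder in (docs, clean, inst):
        folder.mkdir(parents=True)
    (docs / "Zu0ITC4HoQ.cerber").write_bytes(b"constructed")
    (docs / "# DECRYPT MY FILES #.txt").write_text("constructed")
    (docs / "notes.txt").write_text("untouched")
    (inst / "randomname.exe").write_bytes(b"constructed")
    (clean / "holiday.jpg").write_bytes(b"untouched")
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(affected_folders(scan(build_sample_tree(tmp))))
```

Pointing scan() at a user profile or a mounted backup lists which folders carry the notes or renamed files, which is the scope to restore from a clean copy.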
Anyway, Cerber is special compared with other ‘unsophisticated’ malware out there. The # DECRYPT MY FILES #.vbs file contains VBScript, which will cause the victim's computer to speak to them. You heard me right! My attacker spoke to me via an automated message that says this: