Russians Now Play Roulette with Ransomware
If you have not yet heard about Cerber, it is a new addition to malware that demands a ransom to unlock encrypted files. According to security firm SenseCy, Cerber developed by a group of Russian coders, now offers TTS (text-to-speech) feature that reads out the ransom note.
The ransomware is now offered as a service on the Russian part of the dark web. This means the actual application of the malware is undertaken by other than the coders who get a cut when the ransom is paid out.
What security researchers found fascinating about Cerber is that it skips infecting users residing in the former Soviet Union. On infecting a users computer, the malware gives an error prompting the user to restart the computer which restarts in “Safe Mode with Networking” and then forcibly restarts the computer again in normal mode.
After this restart, Cerber starts encrypting files with an AES algorithm targeting 380 file types, scrambling the files’ name and adds the .cerber extension making it impossible to decrypt. Source: http://news.softpedia.com/news/russian-ransomware-encrypts-your-files-and-then-speaks-to-you-501322.shtml