Discover what great technology looks like!

When DDoS Attacks and Ransomware Combine, the Results are Ugly

When DDoS Attacks and Ransomware Combine, the Results are Ugly

Ransomware, the malware variant that has appeared more and more frequently has struck again, this time targeting users of Microsoft Outlook in a zero-day attack. A malware variant of Cerber (a ransomware) was recently utilized in a large scale attack on users of the messaging program, sent via phishing emails to corporate users.

What’s worse, this variant of Cerber is more than just your typical ransomware, as it also possesses DDoS capabilities.

DDoS, or Distributed Denial of Service, programs utilize the previously infected systems in their attacks on new victims as part of a botnet, causing the target system to cave under a deluge of useless traffic. Therefore, as an unfortunate recipient of this malware tries to resolve the problem, their system has already been assimilated into a cyber horde that’s attacking other systems.

Cerber demands a ransom of 1.24 Bitcoins to unlock the currently uncrackable ransomware, which converts (as of this writing) to approximately $718 US dollars.

The attack typically goes down as such: An intended victim receives an email with the ransomware. If activated, Cerber adds three files onto the desktop of the victim’s computer, each containing the same message. One is TXT format, one is HTML, and one is a Visual Basic Script that converts into an audio message. Their message reads: Attention! Attention! Attention! Your documents, photos, databases and other important files have been encrypted! The most annoying part is that every startup will trigger this message.

The other two files also contain instructions to navigate to the Tor payment site in order to pay the ransom, with the phrase “What doesn’t kill me makes me stronger,” transcribed in Latin at the bottom. As a brief reminder, we never recommend paying a malware ransom, as there is no guarantee that they will comply and release your files, and your funding will only contribute to further attacks.

As there is currently no known fix for Cerber, it is critical that businesses (the clear target of the ransomware) avoid falling victim to it, or any phishing-based attack for that matter. To do so, decision makers in companies should implement and enforce the following policies in their day-to-day practices.

  1. Users should be informed of email security best practices, including not running or opening attachments from unknown sources or suspect emails in general.
  2. In case of possible infection, all files should be kept on an isolated backup to prevent data loss. An infected backup is no good, and so it should remain separate from the network to avoid such a circumstance.
  3. Be sure to keep all systems thoroughly updated with the latest versions of all your protections, as malware designers are in a constant race with their programs to outpace those who design protective programs.

To find out more about threats like this affecting your business, subscribe to Techworks Consulting’s blog.

Tip of the Week: Why Routinely Changing Your Passw...
NATO Officially Declares Cyberspace a Battlefield
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Sunday, 22 December 2024

Captcha Image

Contact Us

Learn more about what Techworks Consulting, Inc. can do for your business.

Call Us Today
Call us today
(631) 285-1527


Headquarters
760 Koehler Ave, Unit #3
Ronkonkoma, New York 11779

HIPAA Seal of Compliance” width=

HIPAA Seal of Compliance” width=

Latest Blog

Businesses have seen an increase in cyberattacks, and this trend is not slowing down in 2025. Today, we want to explore what the future could hold so you can take these insights and apply them to your cybersecurity initiatives in the coming...
TOP