Multilingual ransomware tells users their files are encrypted
A new ransomware has been developed that verbally informs its victims that it has encrypted their files.
Independent malware analysts BiebsMalwareGuy and MeegulWorth first detected the Cerber ransomware earlier this week. Cerber encrypts users' files using AES encryption and demands a ransom of 1.24 Bitcoin.
If the victim hales from a specific country on a list of eastern European countries, their computer will not infected by the malware.
At the time, dormant features in the code let the malware map and encrypt files on network drives that are linked to compromised machines. Once encryption is completed, the malware generates three ransom notes. One of the notes allows the computer to verbally read out the extortion message to victims in one of 12 different languages supported by the ransomware.
Graham Cluely said in a blog post, “The fact that Cerber has the ability to target network shares, not to mention its decryptor's compatibility with 12 different languages, attests to the increasing sophistication of today's ransomware campaigns. It is therefore recommended that users maintain regular backups of their data, that they avoid clicking on suspicious link, and that they maintain an updated anti-virus solution on their machines.”
YouTube has uploaded a video of the ransomware in action.