Cerber Ransomware has been on the raise in 2016. There has been several campaigns – and the worse thing: it seems that Cerber won’t fade away in 2017.
A fake credit card email campaigns addressed people who are shopping lately for holiday season 2016 contains a Cerber download link (see this Microsoft article). But there has been several campaigns over the last months of 2016 (see the graph below).
Cerber will be distributed in most cases via an e-mail attachment, like it is shown below as a zip attachment.
Microsoft has analyzed telemetry data from Windows Defender. The result shows that this latest exploit kit attack that leads to Cerber largely affects Asia and Europe.
Each campaign delivers variants of Cerber, but all variants tries to encrypt user data on infected systems and ask for money to unencrypt the data. Windows 10 has security technologies that can detect this new batch of updated Cerber ransomware. Microsoft is discussing further details about Cerber within this Technet blog post.