Misconfigured Server Gives Insight Into Cerber Ransomware Operation

  • 14 January 2017

January 13, 2017  By Catalin Cimpanu 
Security researchers have gained access to one of the servers used by the Cerber gang, from where they were able to extract basic statistics about their operation.
 
A security researcher that only goes by the nickname of Racco42 discovered the vulnerability on Thursday, January 12.
The issue affected only one Cerber server, not all, and was most likely due to a misconfiguration. The server wasn't a command and control server, but a mere staging server from where the victims' computers would connect and download the actual ransomware, which would later run and infect their PCs.
 
                 


Map of Cerber infections [Avast]
 

1 reply

Well, it is good to know that even the miscreants can slip up from time to time (not often enough though) and hopefully the relevant authorities and experts can maximise the use of the information gleaned to in some way further disrupt/interdict this crapware's effects and the miscreants' operations. :D
