
CerberTear Ransomware

Posted: November 9, 2016

Low-skilled ransomware authors who build their own crypto-threat variants from open-source ransomware seem to be getting craftier, and the proof is a threat called the CerberTear Ransomware. The strange name combines the HiddenTear Ransomware and the Cerber Ransomware: the CerberTear Ransomware is based on the HiddenTear project, but it fully copies the ransom note, file extension, recovery instructions, and other content that the original Cerber Ransomware uses. The final product is a decryptable piece of ransomware that may mislead its victims into thinking that they have been infected by the Cerber Ransomware, which is not easily decryptable.

The CerberTear Ransomware mimics the tricks used by all Cerber Ransomware variants below the Cerber 4.0 Ransomware. It appends a '.cerber' extension to all encrypted files and drops a ransom note in a file named 'HOW_TO_RESTORE_YOUR_DATA.html', just like the first versions of the Cerber Ransomware did. The content of the ransom note does not mention HiddenTear anywhere, and the authors have copied the ransom message that the Cerber Ransomware's operators use to scare their victims into paying them money directly. The CerberTear Ransomware has set a price of 0.4 Bitcoins for the decryption instructions that victims will need to restore their data, and a quick check shows that the Bitcoin wallet address used by the CerberTear Ransomware's operator has already received over 13 Bitcoins from victims.

It is obvious that the CerberTear Ransomware's authors have put a lot of thought into their threatening product, and they have made sure to include all the small details that may give their ransomware a bigger chance to succeed. Keep in mind that the latest versions of the Cerber Ransomware don't use the '.cerber' extension, and any of the previous versions are unlikely to be distributed. This means that if you can't access your files and they have the '.cerber' extension appended to their names, it is very likely that you have become a victim of the CerberTear Ransomware. If this is what is happening, you should attempt to use one of the free HiddenTear decryption tools, since they may help you fully recover your files. If the CerberTear Ransomware gains momentum, it is likely that malware researchers will release a dedicated decryption utility for this particular variant. Keep in mind that decrypting your data for free should always be accompanied by a full anti-malware scan, which should ensure that all of the CerberTear Ransomware's components are erased from your computer.
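A triage sketch for the two on-disk indicators named above, the appended '.cerber' extension and the 'HOW_TO_RESTORE_YOUR_DATA.html' note. This is an added example, not code from the article or from any decryption tool, and the function names `triage` and `summarize` are hypothetical.

```python
import os
from collections import defaultdict

# Indicators taken from the article text.
ENCRYPTED_EXT = ".cerber"
RANSOM_NOTE = "HOW_TO_RESTORE_YOUR_DATA.html"


def triage(root):
    """Walk `root` and group the article's two indicators by directory.

    Returns {directory: {"encrypted": [(file, original_name)], "note": bool}}
    for every directory that contains at least one indicator.
    """
    hits = defaultdict(lambda: {"encrypted": [], "note": False})
    # onerror ignores unreadable directories so one locked folder does not abort the scan.
    for dirpath, _dirs, files in os.walk(root, onerror=lambda err: None):
        for name in files:
            lower = name.lower()
            if lower == RANSOM_NOTE.lower():
                hits[dirpath]["note"] = True
            elif lower.endswith(ENCRYPTED_EXT) and len(name) > len(ENCRYPTED_EXT):
                # The extension is appended, so stripping it yields the original name.
                original = name[: -len(ENCRYPTED_EXT)]
                hits[dirpath]["encrypted"].append((name, original))
    return dict(hits)


def summarize(hits):
    """Return (total_encrypted_files, sorted directories holding both indicators)."""
    total = sum(len(h["encrypted"]) for h in hits.values())
    both = sorted(d for d, h in hits.items() if h["note"] and h["encrypted"])
    return total, both


if __name__ == "__main__":
    import sys

    found = triage(sys.argv[1] if len(sys.argv) > 1 else ".")
    total, both = summarize(found)
    print(f"{total} file(s) ending in {ENCRYPTED_EXT}; "
          f"{len(both)} directory(ies) with both the note and encrypted files")
    for directory in both:
        print("  " + directory)
```

The list of original names shows which files need recovery; run the scan read-only against a copy or image of the affected disk before trying any decryption tool.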
