The cyber-criminals behind a fresh ransomware campaign are celebrating the new year with a malware cocktail—one that’s spreading the Cerber ransomware.
According to Heimdal Security, this ongoing ransomware campaign packs a big punch against its victims, aiming for a high success rate in terms of infected systems.
It begins with the attackers compromising legitimate websites and injecting malicious scripts into them. The injected scripts then redirect victims’ internet traffic to a Cerber gateway known as Pseudo Darkleech, a type of malware infection created to add a strong obfuscation layer and keep detection rates low.
The malicious script injected into these websites is the Nemucod generic malware downloader, which is used to download and run Cerber ransomware. The attackers are exploiting vulnerabilities in Internet Explorer, Microsoft Edge, Flash Player and Silverlight to infect unsuspecting users.
“Please keep in mind that this ransomware campaign can affect both individual internet users and companies,” said Heimdal