New Cerber ransomware strain morphs every 15 seconds to avoid detection
Security researchers have discovered a new twist in the plot in the ongoing evolutionary journey of the Cerber ransomware. The authors of the malware are now using a new technique that enables Cerber ransomware to morph itself every 15 seconds to avoid detection.
Ransomware is a type of malware that infects victims' systems and then proceeds to hold all data within as hostage until victims pay up a specific amount of money as ransom. In most cases, victims are asked to pay up in Bitcoin and ransom amounts can range from anywhere up to a few hundred to even thousands dollars.
Security researcher Pat Belcher of Invincea, which has been tracking the Cerber ransomware's activities since it was first identified earlier in the year, said in a blog post: "Invincea researchers see dozens of Cerber infection attempts every day. However, when we tried to duplicate the download for this variant, we noticed that the hash we received from the payload delivery server had a different hash than the one in the event above. When we downloaded it a third time, there was yet another hash. Fifteen seconds later, there was another, and then another. In all we downloaded over 40 uniquely hashed Cerber payloads — all with different hashes."
