What is Cerber ransomware?
Cerber is one of the most active kinds of ransomware. It encrypts the files of its victims and demands money in exchange for giving access to their files back. It works even if you are not connected to the Internet, so you can’t stop it by unplugging your PC.
Just like any other type of ransomware, Cerber virus generally attacks via phishing emails and exploit kits. Once your PC is fully infected and your files encrypted, you are met with a message that gives instructions on how to decrypt them. The ransom is demanded in bitcoins with the promise you will gain access to your files once you pay the fee.
In July 2016, active Cerber ransomware campaigns delivered via exploit kits successfully infected roughly 150,000 users worldwide.
How does it work?
Earlier version of Cerber renamed encrypted files with a .cerber extension. Newer versions now add a random file extension. Cerber finds its way inside your system by employing the help of a Trojan horse virus. It is most commonly distributed via emails.
Usually, you would receive an email in your inbox with either some form of attachment or a link to some website in it. The Trojan virus will typically be inside the attached file - this could even be a Word file - and will proceed to download the ransomware, as soon as you have opened the said file. Same goes for the link, if that has been the case – it will redirect you to a website from which Cerber may be downloaded from.
What is so special about Cerber?
Cerber doesn't target all countries. Countries such as Armenia, Azerbaijan, Belarus, Georgia, Kyrgyzstan, Kazakhstan, Moldova, Russia, Turkmenistan, Tajikistan, Ukraine and Uzbekistan are safe from this ransomware because if the computer appears to be from any of the following countries, it will terminate itself and not encrypt the computer.
Cerber virus works based on Ransomware-as-a-Service business model, which means that affiliates can join in order to distribute the ransomware, while the Cerber developers earn commission from each ransom payment.
Will I get my data back if I pay the ransom?
To ensure victims can make the payment, attackers provide you with instructions on how to make the payment in Bitcoin.
There is this possibility of paying the ransom to the hackers. But there's no guarantee it will work, because cybercriminals aren't exactly the most trustworthy group of people.
Also, paying the ransom may encourage these bad guys to continue and even expand their operations. We strongly suggest that you do not send any money to these cyber criminals, and instead address to the law enforcement agency in your country to report this attack.
How to prevent Cerber ransomware from infecting my PC?
To prevent Cerber or any other type of malware from infecting your PC, it is crucial to have an antivirus software installed on your PC as a basic protection together with an antimalware protection that will serve as an additional layer of protection. Also, you need to have backup for your personal documents.
Unfortunately, once your PC has been infected and your data encrypted, you cannot recover them. Hackers behind the Cerber ransomware claim you will get your data back once you pay the ransom but noone can guarantee this will happen.
Antivirus and antimalware software can only remove the infection from your PC or they can block it/prevent it from infecting your PC if you were wise enough to have them installed on time. However, they cannot recover your encrypted files. Therefore, it is highly important to protect your files on time.
If you are using Zemana AntiMalware premium version (which comes with 15-days free trial), it will protect you by blocking the Cerber ransomware on time. This way, it will prevent it from infecting your PC.
However, if you decide to continue using the Trial and do not wish to purchase the Premium subscription at the end of the trial, your Zemana AntiMalware program will disable premium features. All other (basic) features will remain unchanged. This means that you will no longer be protected from Cerber, but you will still be able to scan your PC with Zemana AntiMalware, which will detect Cerber and block it.
Therefore, the best prevention against Cerber virus is installing the right protection solution even before you get infected.
Zemana AntiMalware as a Cerber removal tool
According to MRG Effitas, Zemana AntiMalware has proved to be the best anti-ransomware software on the market.
If you are looking for a solution that will help you in removing Cerber, it is important to note that Zemana AntiMalware is compatible with any antivirus software that you might have on your PC and will run alongside it without any conflicts.
Below you can find a guide on how to detect and remove this ransomware with Zemana AntiMalware.
- STEP 1: Download Zemana AntiMalware here.
- STEP 2: Once download, install the software on your PC. You can do this by double-clicking on ZAM program icon on your desktop or in your download files.
- STEP 3: Press the "Scan" button.
- STEP 4: When the scan is complete, click "Next".
- STEP 5: Restart your computer if you are prompted to do so.