Cerber Ransomware Campaign
A new ransomware spam campaign has been detected. Cerber Ransomware is a file-encrypting virus distributed via spam email. Cerber is designed to rename and encrypt file extensions on your machine, forcing you to purchase a decryption key from the perpetrators of this ransomware.
The Cerber Ransomware will appear as a spam email containing an RTF file attachment. The spam email will have forged header information and may have a request to “Please check your invoice attached.” The RTF attachment contains the Cerber Ransomware virus. Victims of Cerber must open the RTF attachment in order to be infected with ransomware.
Please see below for an example of the Cerber Ransomware Spam Email.
How This Impacts You
Please alert all employees to not open any RTF file attachments from email.
Tier1Net has recently blocked RTF files through McAfee Email Security, so any Cerber Ransomware Spam Emails sent after 2:00pm on April 28, 2016 will be blocked for all clients enrolled in McAfee Email Security.
If you already received a Cerber Ransomware Spam Email, please do not open the RTF attachment. Please delete the spam email permanently from your machine. You cannot be infected with the virus if you do not open the attachment.
If anyone believes they have been infected by Cerber Ransomware, please contact Tier1Net immediately.
Steps Tier1Net is Taking
Tier1Net has recently blocked RTF files through McAfee Email Security which will deny delivery of any Cerber Ransomware Spam Emails.
Tier1Net encourages all clients to be vigilant as always about suspicious emails with attachments. Never open any file attachments without confirming authenticity with the sender first.
If you have any questions about the Cerber ransomware campaign, please call our office at (781)935-8050.