It's not unusual for brands to occasionally have to re-envision themselves. Apparently this applies to legitimate and illicit brands equally.
Recent campaigns have revealed that the developers of the Cerber Ransomware have made the daring move to remove superfluous vowels from their name, rebranding the ransomware as CRBR.
Even bolder is that this fashion makeover has had zero actual impact on their product. The source code is still the same (minus the letter 'e'). It's still the same ransomware, just in a slightly more chintzy package.
Like the original Cerber, files encrypted by CRBR will have their file names and extensions scrambled beyond readability.
Payment for decryption currently stands at .5 Bitcoin (~$1300), which increases to 1 Bitcoin (~$2600) after 5 days.
Unfortunately, Cerber/CRBR Encryptor still uses an encryption method that cannot be readily broken. For now, decryption of computers infected with the ransomware is impossible for free, paying the ransom is the only recourse.
To add protection against Cerber/CRBR Encryptor we recommend enabling the following targets:
- Standard mode
- TS Curated - Ransomware - IPs
- TS Curated - Ransomware - Domains
- Expert mode (included in the curated targets for standard mode)
- TS Originated - Ransomware - IPs
- TS Originated - Ransomware - Domains