Hackers Weaponize Betabot Malware To Deliver Dangerous Cerber Ransomware Payload

As unfortunate as it is, it's really hard nowadays to be shocked at the thought of someone getting infected with malware, or even a piece of ransomware (which can now even affect Linux). It is still possible to get shocked though, with Betabot proving it for us. This piece of malicious software doesn't just fetch user data from an infected machine, it also infects the machine with ransomware. Oy.

Betabot is arguably one of the worst types of malware out there, as it's effective at getting through security protections to find and take financial information, and then lock the machine up type before leaving, requiring a payment to regain access. As if one of these attacks isn't bad enough; to get infected with both would be downright maddening.

Betabot Cerber Files

Despite having been around since 2013, Betabot has apparently evolved into is now more potent form. It used to "only" fetch sensitive information from a PC (including banking information), but now it tosses some Cerber ransomware in for good measure.

Betabot can become installed on a PC by masking itself behind a CV (resume) document. When opened, the user will be asked to enable macros, and once that's done, the malware can get to work. It probably doesn't need to be said, but if you are opening a document you're not familiar with, and it's asking you to perform specific actions, it'd be wise to exercise extreme caution.

Those who've been infected by Cerber have had to pay about 1 Bitcoin to regain access to their PC. As we covered in the Linux ransomware story last week, it's important to keep good backups of all of your data, so that if you do happen to get locked-down with ransomware, you should be able to reformat your entire PC and restore the data from backups afterwards. No one deserves to be taken advantage of, and keeping good backups is one way to make sure you are never taken advantage of in this way.


Via:  Invincea
Show comments blog comments powered by Disqus