Cerber and its new tricks: bypassing machine learning

Cerber has been roaming around the Internet for over a year now, and its authors do not plan to step aside anytime soon. It receives updates more frequently than any other ransomware sample and continues to incorporate novel techniques. Now security researchers fear that Cerber's latest innovation is a recipe for trouble.

The new version incorporates a strategy to bypass machine learning security systems. Machine learning is a highly appreciated technology that is going to bring more and more benefits to users. In many cases, it is seen as a very convenient method for building various detection systems. However, the authors of Cerber have shown their skill by creating a variant that even machine learning is unable to spot.

How does the new variant escape the radar of machine learning protection systems? The Cerber payload uses a stealthy technique to hide behind another, regular process that appears to be harmless. It does this by injecting code into a legitimate process that the machine learning system does not red-flag.

The improved loader is able to check whether the device is vulnerable and ready for an infection. Basically, it tries to determine whether the Cerber payload can be detected by the security measures present on the device. If not, Cerber will run in full and start file encryption without many obstacles in its way.

We are not that surprised that the authors of Cerber have incorporated a new strategy to make their masterpiece even more feared. Although machine learning is regarded as the future of cyber security, not everyone agrees with that position, and some indicate that no significant changes are going to be achieved. The good news is that even though the malicious activity of the newly detected version is not detected by machine learning systems, sophisticated anti-malware tools are able to find out when malicious code is inserted into regular processes.
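The point above, that behaviour-watching tools can notice code being inserted into a regular process even when a file-based classifier finds nothing wrong with that process, shown as an added example (not from the original article or any vendor's product). It correlates constructed events in a hypothetical telemetry schema; the field names, paths and the 5-second window are assumptions.

```python
# Behavioural check: an unsigned process writes into a signed process's memory
# and then starts a thread there. A file-level verdict on the signed target
# stays clean, so the signal has to come from the cross-process sequence.

WINDOW = 5  # assumed: max seconds between the remote write and the thread start

# Constructed sample events in a hypothetical schema (not a real log format).
EVENTS = [
    {"t": 0, "op": "process_start", "pid": 100, "signed": True,
     "image": r"C:\Program Files\Example\trusted.exe"},
    {"t": 1, "op": "process_start", "pid": 200, "signed": False,
     "image": r"C:\Users\demo\AppData\Local\Temp\loader.exe"},
    {"t": 2, "op": "process_start", "pid": 300, "signed": True,
     "image": r"C:\Program Files\Example\updater.exe"},
    {"t": 3, "op": "mem_write", "src": 200, "dst": 200},       # self write: ignored
    {"t": 4, "op": "mem_write", "src": 200, "dst": 100},
    {"t": 5, "op": "remote_thread", "src": 200, "dst": 100},   # write then run: alert
    {"t": 6, "op": "remote_thread", "src": 300, "dst": 100},   # no prior write: ignored
    {"t": 7, "op": "mem_write", "src": 200, "dst": 300},
    {"t": 30, "op": "remote_thread", "src": 200, "dst": 300},  # outside window: ignored
]

def find_injections(events, window=WINDOW):
    """Return (source_image, target_image) pairs that match the sequence."""
    procs = {}       # pid -> process_start record
    last_write = {}  # (src_pid, dst_pid) -> time of the latest remote write
    alerts = []
    for ev in sorted(events, key=lambda e: e["t"]):
        if ev["op"] == "process_start":
            procs[ev["pid"]] = ev
            continue
        src, dst = ev["src"], ev["dst"]
        if src == dst or src not in procs or dst not in procs:
            continue  # self-modification or unknown process: out of scope here
        if ev["op"] == "mem_write":
            last_write[(src, dst)] = ev["t"]
        elif ev["op"] == "remote_thread":
            wrote = last_write.get((src, dst))
            if wrote is None or ev["t"] - wrote > window:
                continue
            if not procs[src]["signed"] and procs[dst]["signed"]:
                alerts.append((procs[src]["image"], procs[dst]["image"]))
    return alerts

if __name__ == "__main__":
    for source, target in find_injections(EVENTS):
        print(f"possible injection: {source} -> {target}")
```

Signature status is only one possible trust signal; a production rule would also have to allow-list legitimate cross-process writers such as debuggers.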

With every new attempt to profit and compromise users' cyber security, hackers are going the extra mile. We have noticed that 2017 has introduced some very elaborate infections. Cerber is only one of the threats that should convince you to put much more effort into your security and privacy. Using anti-malware tools is a necessity for everyone. Additionally, users should not be eager to visit unknown websites or engage in rogue activities. Since the Cerber virus uses malicious spam campaigns for distribution, we recommend that you do not open emails sent from sources you do not recognize.

Source: themerkle.com.
