- The latest version of Cerber ransomware can reportedly terminate database-related processes in order to access a computer’s database files, according to researchers at BleepingComputer.com.
- Normally, an operating system can block write access to database files if they're already being used by other processes, preventing ransomware programs from encrypting them. But Cerber apparently overcomes this challenge by terminating those other processes.
- The ransomware is sold on an underground market and has already affected computer users worldwide. The group responsible for the ransomware is reportedly set to earn more than $1 million this year.
Ransomware continues to be a major challenge for businesses, as employees routinely fall for phishing scams and companies regularly pay ransoms rather than deal with trying to recover their critical data.
Groups of cybercriminals are also coordinating their approaches. Cybercriminals "rent" Cerber, paying its creator part of their ransomware "earnings," according to reports.
Ransomware creators are growing more both more creative and productive. In addition to the latest twist on Cerber, last month Threat Post reported a new type of ransomware is encrypting computer hard drives rather than individual files.