The Cerber ransomware has received an update that allows it to collect and steal data from a victim's computer, similar to an infostealer.
According to Gilbert Sison and Janus Agcaoili, two security researchers at Trend Micro, the most recent version of the Cerber ransomware can dump browser passwords and can steal files related to Bitcoin wallets.
Cerber adds infostealer features
More precisely, Cerber can dump passwords stored in browsers such as Internet Explorer, Google Chrome, and Mozilla Firefox.
In addition, Cerber also looks for data files related to three Bitcoin wallet apps. It searches for and steals files named wallet.dat (used by the official Bitcoin Core wallet), *.wallet (used by the Multibit wallet app), and electrum.dat (used by the Electrum wallet app).
While the browser passwords extracted from the user's browsers will be useful in taking over online accounts, the Bitcoin wallet data may not be of help.
....