Zero-Day Warning! Ransomware targets Microsoft Office 365

Zero-Day Warning! Ransomware

Zero-Day Warning! Ransomware is a rebirth of the Cerber ransom virus. It has attacked numerous Windows PCs, and the count is still rising. The new variant of Cerber ransomware is able to get past the security tools built into MS Office 365 and encrypt files stored on the user’s computer. It is hard to believe that a single malicious macro file attached to a spam email can launch the Cerber ransomware virus on your computer, but it is a fact. Zero-Day Warning! Ransomware was first detected by the Avanan cloud security platform. According to Steven Toole, Chief Marketing Officer of Avanan, “As it respawned into a second life, this time Cerber was widely distributed after its originator was apparently able to easily confirm that the virus was able to bypass the Office 365 built-in security tools through a private Office 365 mail account.” Most astonishing of all, it attacks by getting macros enabled, which compromises the security of the system and makes users of Microsoft Office 365 its victims.


Zero-Day Warning! Ransomware, or the Cerber ransom virus, has used phishing emails to spread widely. Fifty-seven percent (57%) of MS Office email users, in different organizations and as individuals, have experienced this ransomware attack even though they had an active Check Point SandBlast Zero-Day Protection. Including the Avanan security platform, several other antivirus and anti-malware programs are not able to protect a PC from Zero-Day Warning! Ransomware or Cerber ransomware. Let us find more facts about Zero-Day Warning! Ransomware.

How Exactly Does Cerber Ransomware Work?

Like other ransomware infections, Cerber ransomware spreads through phishing or spam email. Once a computer is infected, the victim’s files are encrypted using AES-256 and RSA encryption, which seems unbreakable, and the user gets a message demanding a ransom of 1.24 Bitcoins (500 USD) to get the encrypted files back. The user of a targeted online computer receives an email with an attachment, and if the user opens the attachment, the ransomware is executed in the background. Cerber ransomware runs a scan to find the user’s personal files in different formats, such as documents, music, videos and emails, and then encrypts those files using the AES and RSA file encryption algorithms. On a compromised computer, victims find all their files encrypted and carrying the .CERBER extension; for example, a file named My_file.doc may appear as Uz0TI4COhQ.cerber on the infected PC. To upset users further, the ransomware creates a # DECRYPT MY FILES #.vbs file that uses the system speakers to play a spoken message reminding users that their files are encrypted. Zero-Day Warning! Ransomware also drops # DECRYPT MY FILES #.html and # DECRYPT MY FILES #.txt ransom notes that instruct users to pay bitcoins to a specified address.
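The file-system traces described above can be checked for during triage. The script below is an added example, not part of the original article or any vendor tool: it walks a directory tree and reports, per folder, files with the .cerber extension and the three ransom note names. The function names and the sample tree are constructed for illustration.

```python
import os
import tempfile
from collections import defaultdict

# Indicators taken from the article text above.
ENCRYPTED_EXT = ".cerber"
NOTE_STEM = "# decrypt my files #"
NOTE_EXTS = {".vbs", ".html", ".txt"}


def classify(filename):
    """Return 'encrypted', 'note' or None for a single file name."""
    stem, ext = os.path.splitext(filename.lower())
    if ext == ENCRYPTED_EXT:
        return "encrypted"
    if stem == NOTE_STEM and ext in NOTE_EXTS:
        return "note"
    return None


def scan(root):
    """Walk root and return {directory: {'encrypted': [...], 'note': [...]}}."""
    hits = defaultdict(lambda: {"encrypted": [], "note": []})
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            kind = classify(name)
            if kind:
                hits[dirpath][kind].append(name)
    return dict(hits)


def build_sample_tree(root):
    """Constructed sample data: empty files named like the article's examples."""
    docs = os.path.join(root, "Documents")
    clean = os.path.join(root, "Music")
    os.makedirs(docs)
    os.makedirs(clean)
    for name in ("Uz0TI4COhQ.cerber", "# DECRYPT MY FILES #.txt",
                 "# DECRYPT MY FILES #.html", "report.doc"):
        open(os.path.join(docs, name), "w").close()
    open(os.path.join(clean, "song.mp3"), "w").close()
    return docs


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for directory, found in scan(tmp).items():
            print(directory, len(found["encrypted"]), "encrypted,",
                  len(found["note"]), "ransom notes")
```

Folders that contain both encrypted files and a ransom note are the ones to compare against backups first.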


Preventive Measures for Zero-Day Warning! Ransomware

To protect yourself from Zero-Day Warning! Ransomware or any other ransomware attack:

  • Always keep your computer system and antimalware updated.

  • Back up your files to an external hard drive on a regular basis.

  • Disable macros in the MS Office suite.

  • Always beware of spam emails, phishing attempts, fake offers and malicious links while browsing the web.