Earlier this year a new type of computer virus popped up on the security radar, called Cerber. Once infected, files become encrypted and users are forced to pay a ransom in order to get them released. In this post I’ll explain you how to remove the Cerber virus and how you can get your files back.
Cerber follows several steps to hijack a system. First it installs itself through malicious links, found in bad ads or email attachments, after which the ransomware automatically starts encrypting files. By the time it’s done, which can take a few seconds, it reveals itself by the means of a pop up or ransom note requesting the payment of 1.24 Bitcoins. All files it finds thereby receive the .cerber extension.
What makes Cerber unique is that the source code itself spreads quickly via an affiliate model. Cyber criminals are able to buy the code via the dark web, after which they pay the original developers a share of their profits. Aside that, Cerber comes with audio instructions and encodes hijacked files beyond regular recovery. Until thus far the only reliable means to completely re-access an affected file is to pay.
Removing the virus
Even though security experts have not found a way to restore files to normal, it is possible to restore a portion of the affected data and exterminate the virus.
By using a security utility, such as the Decrypt My Files ransomware remover, it’s possible to scan your PC for malicious files and fix the recovered threats. This will completely remove Cerber and thereby also all affected files.
In order to get your old files back it’s advised to use file recovery software, like Data Recovery Pro, or to make use of backups. For more information on Cerber ransomware and how to remove it, also take a look at this in-depth article from Soft2Secure.