A new campaign called Blank Slate is now leveraging Cerber ransomware.
The attack goes out with no message text and there’s nothing there to indicate what the attachments are, said researchers at the SANS Internet Storm Center. The subject line and attachment names are vague and consist of random numbers, which is how we all title most of our files. That is why they called the attack Blank Slate.
The Blank Slate campaign has been used before with other types of ransomware, but this time around, Cerber appear front and center.
Cerber is a ransomware that will encrypt documents, photos, databases and other important files on your computer. To get the decryption key, victims are usually told to pay a ransom of $500 in Bitcoin.
I always wonder how effective campaigns like this are,” Brad Duncan from SANS Internet Storm Center said in a blog post. “Potential victims must open an attachment from a blank email, go through two zip archives, then double-click the final file. If the final file is a Word document, the victim must also enable macros. And that works on default Windows configurations. But properly-administered Windows hosts and decent email filtering are enough, I think, to keep most people from worrying about it. I’m far more interested in the cycle of abuse targeting hosting providers. Without web servers to host ransomware binaries, Blank Slate cannot continue its current method of operations.”