Free Articles, Free Web Content, Reprint Articles
Saturday, April 10, 2021
Free Articles, Free Web Content, Reprint ArticlesRegisterAll CategoriesTop AuthorsSubmit Article (Article Submission)ContactSubscribe Free Articles, Free Web Content, Reprint Articles

After PC Cerber's Ransom Note Has Been Found In Two Android Apps

The Cerber Ransomware is very similar to other ransomware which usually, encrypt the victim’s files saved on all the connected drives on the computer. The attack was mostly found on Windows PC But now the hacker is attacking Android devices also. 

The malware researchers have just found the ransom note of Cerber in the source code of two Android applications. Accechiamoli and ForzaFň, which include the infamous README.hta file, which can be downloaded directly from Google Play Store. It is disturbing and terrifying to discover that the developers of this dangerous malware have decided to expand their target field. However, we can say this is not a serious problem. The new malicious campaign for Android devices has not yet been launched. Thus, the virus currently affects only users of the Windows operating system. Therefore, fans of the Italian football club "Foggia Calcio" should not be worried about the possibility of being infected by this ransomware.

 The ESET security team analyzed these two applications in search of the destructive load of Cerber. However, they found nothing suspicious and potentially dangerous for Android devices. The scanner only detected the README.hta file - Cerber's ransom note. According to Lukas Stefanko, ESET's mobile security expert, one of the reasons why this file was found in these applications is that the developer of this application, namely Francesco Pio Recchia, had been the victim of an attack Of Cerber. During the attack, the virus generated a ransom note in each folder containing encrypted files. Therefore, if the developer did not extract these files, they could have been left in the application's icon folder.

 Another hypothesis suggests that the designer of the icons that are used in the applications Accechiamoli and ForzaFň could have themselves suffered from the attack of Cerber. Thus, the ransom note would have been accidentally left in the icons folder. Also, the developer certainly did not check it and simply copied and pasted it. In fact, the ransom note had just gone unnoticed. However, these are only hypotheses. The truth about what really happened is still unknown.

 However, although HTA files can be used for spreading file encryption viruses, this is not the case. The README.hta file is not malicious and does not have an attack code. Security programs have identified it as malicious, but the truth is that it can not cause any damage to the device. These are simple instructions about what hackers require of their victims after a ransom attack. The ransom note includes information on data encryption and ransom payment requirements to retrieve them. Victims are encouraged to transfer an amount to Bitcoins through the special Cerber payment website that they can access using only the Tor browser. HoweverFind Article, We want to remind the victims of this ransom that they must not follow the instructions of cyber criminals. Paying the ransom does not guarantee that you get back access to your files.


Source: Free Articles from


A blogger, the internet is my friend and pretty expert in designing. By profession, I am a content writer and extremely fond of anything that is related to cyber security and latest malware.


Home Repair
Home Business
Self Help

Page loaded in 0.074 seconds