Misconfigured Server Gives Insight Into Cerber Ransomware Operation
Catalin Cimpanu reports:
Security researchers have gained access to one of the servers used by the Cerber gang, from where they were able to extract basic statistics about their operation.
A security researcher that only goes by the nickname of Racco42 discovered the vulnerability on Thursday, January 12.
The issue affected only one Cerber server, not all, and was most likely due to a misconfiguration. The server wasn’t a command and control server, but a mere staging server from where the victims’ computers would connect and download the actual ransomware, which would later run and infect their PCs.
Read more on Bleeping Computer.