CERBER ACTOR DISTRIBUTING MALWARE OVER E-MAIL VIA WSF FILES
released on 2016-05-18 @ 10:03:29 PM
Last week Forcepoint tracked an interesting e-mail campaign that was distributing double zipped files with Windows Script Files (WSFs) inside. When executed, these WSFs downloaded the Cerber crypto-ransomware. Cerber has previously been seen distributed via exploit kits and over e-mail using DOC files with macros. This is the first time that we have seen Cerber distributed via the use of WSFs.