Today I needed help with installing a digital signature certificate and I couldn't. So I called up the support line. The guy was helpful and asked me to install this freeware Ammyy Admin, which is a TeamViewer alternative. So I went to the Ammyy website and downloaded the file. Ran it and the guy remotely solved my issue. After 1/2 hr, my PC speakers were alive with a voice: "Your PC has been encrypted", go to this link on Tor and pay 2 bitcoins to decrypt your data. My wallpaper changed to Cerber Ransomware. All files were renamed to some gibberish alphanumerical names with a cerber3 extension. Windows Defender? Ohh poor fella. The damn antivirus didn't even know what was going on. A full system scan after encryption revealed nothing.
I did a clean 3-pass format and reinstalled Windows again. My backup was from yesterday so I did not lose any data. So big <snipped> to those ransomware makers. Let them rot in hell while I move on with my life. Only 2 hrs lost but I still can smile.
Now the real part. I did a little Google search on this Ammyy Admin website and apparently they get hacked every month or so when they randomly start packaging this Cerber ransomware in their executable. Which makes me think that they are hand in glove with the ransomware coders. My advice to fellow Neowinians: Do not use Ammyy Admin for remote access needs. There are several other alternatives.