# Malvertising On The Pirate Bay Drops Ransomware



## JMH3143

> Popular torrent site The Pirate Bay was serving ransomware via a malvertising attack this week-end. The fraudulent advertiser was using a ‘pop-under’ to silently redirect users to the Magnitude exploit kit and infect them with the Cerber ransomware.
> 
> This is part of the same Magnitude EK malvertising campaigns we have documented previously on this blog. The ad network changes, but the modus operandi remains the same.


https://blog.malwarebytes.org/threa...vertising-on-the-pirate-bay-drops-ransomware/


----------



## bigalster

My buddy has told me he has Cerber 2 infected on his PC and that files are encrypted etc... I was wondering how can be get rid of this? I suggested your guys as you are the best. I was wondering if i got him to join and he posted his problem you guys could assist? Please let me know? Thx
PS. he tells me he has a tech trying to fix this problem but i asked him if he knew what he was doing as he hasn't had any luck retreiving encrypted files other than those that are 5 years old?


----------



## Deejay100six

Hi,

Your friend should follow the instructions here > NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum

Try to follow all of the steps. If there is one you can't follow, skip to the next and let the analyst know in your thread.

Post your logs as per the instructions........not here.

Be advised that this part of the forum is usually very busy so some patience will be required but they will get to you eventually.

Good luck. :smile:


----------



## bigalster

Thanks DJ! My friend seems to think that because you haven't addressed specifically, his malware cerber 2; that you guys won't be able to help him! I told him this is nonsense that you guys are the best alot of you are MS experts.
Either he wants my help or he doesn't right? I don't know why he is so sceptical that you won't be able to fix this. It's entirely up to him. I told him to join and follow your instructions. He just finished getting back his PC from a tech who wasn't able to help him,what can i say? Some nuts are hard to crack!


----------



## Deejay100six

First of all, and this might impress your friend, no-one here at TSF is allowed to help with malware related issues unless they have been properly trained at one of the recognised schools.

http://www.techsupportforum.com/forums/f50/please-read-who-is-helping-you-93034.html

The above mentioned training usually takes from a year to 18 months depending on the time commitment of the trainee.

The Cerber ransomware is relatively new so I'm not familiar with it. Apparently it encrypts your files and asks for money to decrypt.

My first thought was that this might be similar to file infector Ramnit, which, as I recall, was one of a couple of things that 100% cannot be fixed. I'm fairly sure now that this is not the case and it seems that a tool has been released to deal with this issue.

Tell your friend that if theres any possibility of this being fixed, it is most likely to happen here at TSF.


----------

