The widespread Bitcoin extortion Cerber is famous for many vicious activities, including stealing passwords of browsers and data for logging into cryptocurrency wallets.
Nowadays, the computer researchers have uncovered a ransomware on the website of the US National Wildfire Coordinating Group (NWCG).
It is unclear how long the ransomware has been embedded on the official government website and if the malicious file was able to victimize someone. According to the information provided by cointelegraph.com, the file was already removed, however, the fact that it was able to penetrate an official .gov domain is disturbing.
Thus, as reported, the file hosted a downloader for the Cerber ransomware. In generall, Cerber attacks by encrypting files on an infected device and makes them inaccessible until the owner agrees to pay a ransom in Bitcoin.
It is believed that the government's site was hacked or the file was included in an email sent to a government official. The NWCG has not issued a public statement or provided additional information on the discovery and successful removal of the malicious file.