Cerber 5.0 has been spotted by security researcher Bryan Campbell being distributed via RIG-V exploit kits. These exploit kits allow the ransomware to be installed on a victim's computer without their knowledge when they browse to a compromised web site or possibly through malvertising. I am sure Cerber 5.0 is also being distributed via email campaigns, but at this time I do not have a sample of these emails.
Update 11/24/16 1:14PM EST: Marcelo Rivero has told me that Cerber 5.0.1 has already been spotted.
Once installed, Cerber 5.0 will encrypt the victim's data and then demand a ransom payment in bitcoins to decrypt the files.
According to Cerber security researcher BloodDolly, the main changes in version 5.0 are the following:
There were also some changes in the IP ranges used to send statistical UDP packets. These ranges are: 188.8.131.52/27, 184.108.40.206/27, 220.127.116.11/22.
18.104.22.168/27 22.214.171.124/27 126.96.36.199/22