The rundown on ransomware
Learn about current ransomware strains and how they operate
Ransomware is shaping up to be “public enemy number one” in
Ransomware is a type of malware that either encrypts or quarantines files until a ransom is paid for the files to be restored. Here are some of the current ransomware strains and how they operate.
This strain gets its access by exploiting vulnerabilities in servers, like an out-of-date patch, then infects all devices connected to the network. Samsam encrypts data, files, and even backups until the ransom is paid and the files are released.
Maktub and Samsam are unique in that they’re both a sort of “one-stop shop” for
This species of ransomware is delivered as an email attachment that is disguised as a Microsoft Word invoice. If opened, the document looks garbled and requests that users enable macros to make the text legible. Once enabled the malware encrypts all files until the ransom is paid.
This ransomware strain targets a key Windows system file called the Master Boot Record that helps a PC start up. Peyta overwrites this file, which blocks users from getting into their PC until they pay the requested ransom.
This strain of ransomware encrypts data across an entire network, as opposed to individual computers. The malicious program scans networks looking for
This virus strikes by hiding inside of a document generated by Microsoft Word, burying malicious code in attached Word documents that are emailed. When the harmless-looking Word document is opened, the ransomware attack code is launched. It’s considered dangerous because its unique delivery system indicates some “outside the box” thinking by ransomware coders.
Another growing trend in ransomware is the dwindling use of Bitcoin as the payoff. Cybercriminals have begun requesting gift cards and other pre-paid cards. Since gift cards are relatively easy to track, it is suspected that the cards are resold online.
If your system is attacked by ransomware, the recommended course of action is to contact the authorities – some of the viruses have known decryption keys. In some reported cases, though, law enforcement will inform victims that paying the ransom is the best course of action.