I have been hearing this from few days. Receiving warning messages saying to be aware of Ransomware, a practice followed to block your access to your own system/data over the desktop and blackmail. So I was confused! I know many of us going through this now. Hence thought of studying the thing. End of the day, I found it to be dangerous! I always say to be aware of virus over the unknown Flashes and web links, to protect the data from corrupting and loosing permanently. If you just lose your data, somehow you can manage to get it back, not everything but a few at-least. But unfortunately, if you fell for this Ransomware, you would be demanded lots of payment to get the details back. Access to the system will be blocked and to get the permission, you will receive a payment demand window, by avoiding which you are permanently lose the access to your own computer.
These changes can include:
- Encrypting data that is stored on the victim’s disk – so the victim can no longer access the information.
- Blocking normal access to the victim’s system
What is Ransomware?
Ransomware is a type of malicious software that carries out the crypto viral extortion attack from cryptovirology that blocks access to data until a ransom is paid and displays a message requesting payment to unlock it. Simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse.
More advanced malware encrypts the victim’s files, making them inaccessible, and demands a ransom payment to decrypt them. The ransomware may also encrypt the computer’s Master File Table or the entire hard drive. Thus, ransomware is a denial-of-access attack that prevents computer users from accessing files since it is intractable to decrypt the files without the decryption key. Ransomware attacks are typically carried out using a Trojan that has a payload disguised as a legitimate file.
Now a day, this has become trending news all over the world, since the attach is increased hilariously high. People and media trying to help each and every one to prevent themselves from being victims unknowingly.
With the increased popularity of ransomware on PC platforms, ransomware targeting mobile operating systems have also proliferated. Typically, mobile ransomware payloads are blockers, as there is little incentive to encrypt data since it can be easily restored via online synchronization. Mobile ransomware typically targets the Android platform, as it allows applications to be installed from third-party sources. The payload is typically distributed as an APK file installed by an unsuspecting user; it may attempt to display a blocking message over top of all other applications, while another used a form of clickjacking to cause the user to give it “device administrator” privileges to achieve deeper access to the system.
By looking at this you will understand that, nothing is out of danger! Ransomware has turned nightmare to most of the people. Even though we use many Antivirus software’s we fail to keep our mobile/PC clean as expected. This is not because Antivirus is not working, but because we are unaware of the importance of security system.
How Ransomware gets onto a computer
The most common ways in which Ransomware Trojans are installed are:
- Via phishing emails
- As a result of visiting a website that contains a malicious program
After the Trojan has been installed, it will either encrypt information that’s stored on the victim’s computer or block the computer from running normally – while also leaving a ransom message that demands the payment of a fee, in order to decrypt the files or restore the system. In most cases, the ransom message will appear when the user restarts their computer after the infection has taken effect.
Ransomware methods – around the world
Across the world, Ransomware is increasing in popularity. However, the ransom messages and methods of extorting money may differ across different regions. For example:
Fake messages about unlicensed applications
In some countries, the Trojans often claim to have identified unlicensed software that is running on the victim’s computer. The message then asks for payment.
False claims about illegal content
In nations where software piracy is less common, this approach is not as successful for the cybercriminal. Instead, the Ransomware popup message may pretend to be from a law enforcement agency and will claim to have found child pornography or other illegal content on the computer. The message will be accompanied by a demand to pay a fine.
In May 2017, the WannaCry ransomware attack spread through the Internet, using an exploit vector that Microsoft had issued a “Critical” patch for (MS17-010) two months before on March 14, 2017. The ransomware attack infected over 75,000 users in over 99 countries, using 20 different languages to demand money from users. The attack affected Telefonica and several other large companies in Spain, as well as parts of the British National Health Service (NHS), where at least 16 hospitals had to turn away patients or cancel scheduled operations, FedEx, Deutsche Bahn, as well as the Russian Interior Ministry and Russian telecom MegaFon.
The statistics goes up from country to country day by day. Many organisations are fighting to stop this at the earliest. But it is not easy as we think. They are spreading awareness to the world, since in short span of time no solution could be brought in.