Ransomware

Ransomware is a type of malware that prevents or limits users from accessing their system. It forces its victims to pay a ransom through certain online payment methods in order to regain access to their systems or to get their data back. Some ransomware encrypts files (called Cryptolocker). Other ransomware uses Tor to hide C&C communications (called CTB Locker).
Ransom prices vary, ranging from USD 24 to more than USD 600, or the bitcoin equivalent. It is important to note, however, that paying the ransom does not guarantee that users will regain access to the infected system.
Users may encounter this threat through a variety of means. Ransomware can be downloaded by unwitting users who visit malicious or compromised websites. It can also arrive as a payload, either dropped or downloaded by other malware. Some ransomware is delivered as an attachment to spammed email.

Once executed on the system, ransomware can either (1) lock the computer screen or (2) encrypt predetermined files with a password. In the first scenario, the ransomware shows a full-screen image or notification that prevents victims from using their system. The screen also shows instructions on how users can pay the ransom. The second type of ransomware locks files such as documents, spreadsheets and other important files.

Ransomware is considered "scareware" because it forces users to pay a fee (or ransom) by scaring or intimidating them. In this sense, it is similar to the FAKEAV malware, though it uses a different tactic. Instead of capturing the infected system or encrypting files, FAKEAV coaxes users into purchasing bogus antimalware software by showing fake antimalware scanning results.

For more information, visit: trendmicro.com

 

 
