According To Wikipedia:
Ransomware is a type of malware from cryptovirology that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid.
In simple words:
As the name implies, it is malware that locks a victim’s electronic device such as a computer, a laptop, or a smartphone. In some cases, it may encrypt the victim’s files which remain locked until the victim pays an attacker ransom.
How can ransomware Infect your system ?
It can infiltrate your system like any other malware. It can get into your system through the following ways:
- Accessing a malicious attachment or a phishing email that attackers send you. For example, they may send you an email with a malicious attachment. If you clicked on the attachment, your system would be infected.
- Clicking on any suspicious links that you don’t know about can also lead to getting your system infected by Ransomware or any other type of malware.
- Downloading software’s from an unofficial site.
- Mounting infected USB drives or hard drives.
How does ransomware attack work ?
After the successful entry of this in your system, in most cases, it will run a payload that will lock the system or start locking your valuable files in the background. While locking files, it will use a robust encryption method like PGP. After encrypting all files, a text file that contains all the information related to the ransomware will be generated. The file may include information about how to contact the attacker for payment or ransom.
If your files get encrypted by some strong algorithm, then the only way to get them back is to pay the attacker. In some cases, attackers may not provide the keys to decrypt the files, even if you paid them!
Whatmore, this is not the only way it can affect you. There are various types of ransomware.
Types of Ransomware
Crypto ransomware encrypts the valuable files that are available on the victim’s device. Though it does not encrypt all the files, it scans valuable files in the background and encrypts them. Most targeted files contain sensitive information such as personal and financial information, work projects, or business plans. It is almost impossible to decrypt the encrypted files without the correct decryption key. To regain access to your files, you have to pay the attacker for the correct key.
Some examples of popular Crypto ransomware are CryptoLocker, BadRabbit, SamSam and Thanos.
Locker ransomware can lock the system. This prevents victims from accessing their devices. After locking out the devices, the attackers demand ransom to unlock them. Attackers who perform locker ransomware often use social engineering attacks to pressure the victims into paying the ransom. For instance, the attackers may claim that the locked devices have been used for some illegal activities. The victims must pay ransom to avoid trouble from law enforcement agencies.
Reveton is an example of a popular locker ransomware.
Other types of Ransomware
Crypto and Locker ransomware are the two main types of ransomware, but there are other types of ransomware too. This includes Mac Ransomware, Leakware Ransomware, and Scareware Ransomware.
Mac Ransomware such as KeRanger and EvilQuest can affect Apple’s desktops and laptops. It works the same as crypto and locker ransomware.
Leakware Ransomware, aka Doxware, is a new strategy in which an attacker locks a victim’s files and also threatens to share those files in public. Not only victim is required to pay the attacker for decrypting files, but he/she is also required to pay the attacker for keeping his/her information private.
Scareware Ransomware is a type of malware that displays fake messages and pop-ups that aim to trick a computer user into believing that his/her computer has been affected by some malware. Rather than directly asking for money, it tells the victim to purchase their antivirus. In some cases, after the victim installs that antivirus, it acts like malware.
How to prevent yourself getting attacked ?
- Always keep your system updated to the latest version available.
- Always install software from trusted sources.
- Install some good antivirus in your system.
- Keep a backup of your valuable files.
- Never visit a malicious website or click on any link.
- Avoid opening emails and attachments from unknown sources.
Following these simple steps, you can prevent yourself from getting attacked by ransomware and any other malware.