what is ransomware? is the big question for today’s generation. In this post, I will tell you in detail about it & also tips for Ransomware Prevention…
What is Ransomware?
Ransomware is a type of malware that prevents or limits users from accessing their system, either by locking the system’s screen or by locking the users’ files unless a ransom is paid.
More modern families, collectively categorized as crypto-ransomware, encrypt certain file types on infected systems and forces users to pay the ransom through certain online payment methods to get a decrypt key
Simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse. More advanced malware encrypts the victim’s files, making them inaccessible, and demands a ransom payment to decrypt them.
The Ransomware may also encrypt the computer’s Master File Table (MFT) or the entire hard drive. Thus, this is a denial-of-access attack that prevents computer users from accessing files since it is intractable to decrypt the files without the decryption key.
These attacks are typically carried out using a Trojan that has a payload disguised as a legitimate file.
The History and Evolution of Ransomware
Cases of this virus infection were first seen in Russia between 2005 – 2006. Trend Micro published a report on a case in 2006.
That involved a ransomware variant (detected as TROJ_CRYZIP.A) that zipped certain file types before overwriting the original files, leaving only the password-protected zip files in the user’s system.
In its earlier years, typically encrypted particular file types such as DOC, .XLS, .JPG, .ZIP, .PDF, and other commonly used file extensions.
In 2011, Trend Micro published a report on an SMS ransomware threat that asked users of infected systems to dial a premium SMS number. Detected as TROJ_RANSOM.
Another notable report involved a type that infects the Master Boot Record (MBR) of a vulnerable system, preventing the operating system from loading.
To do this, the malware copies the original MBR and overwrites it with malicious code. It then forces the system to restart so the infection takes effect and displays the notification (in Russian) once the system restarts.
- Avoid opening unverified emails or clicking links embedded in them.
- Back up important files using the 3-2-1 rule—create 3 backup copies on 2 different media with 1 backup in a separate location.
- Regularly update software, programs, and applications to protect against the latest vulnerabilities.
For more information about technology click here .