Ransomware… What Is It?


With all the viruses and malware that have surfaced on the internet, more are still emerging, and they are becoming more sophisticated than before. One of the worst kinds of malware you can encounter is ransomware. Ransomware is a type of malware that restricts users from accessing their system, either by locking the user’s files or by locking the system’s screen, until a ransom is paid.

In other words, it is like kidnapping the files on your computer and demanding a ransom. More recent ransomware families, collectively classified as crypto-ransomware, encrypt specific files or file types on infected machines and force users to pay the ransom through specific payment methods to obtain a decryption key. Just like in an actual kidnap-for-ransom scenario, the operators offer to hand over the decryption key within a given period, and if the user fails to pay, the key is deleted.


Ransom Payment and Amount

Ransom amounts differ according to the ransomware variant and the exchange rates of digital currencies. Ransomware operators usually state the ransom in bitcoins because of the anonymity it offers. Some of the latest ransomware variants have also added alternative payment methods such as Amazon and iTunes gift cards. Remember that paying the ransom does not guarantee that the operators will give you the decryption key or unlock tool you need to regain access to your computer.

Types of Ransomware

It is probably hard to imagine, but the first ransomware in history surfaced in 1989 and was called the “AIDS Trojan”. Its scheme seems very basic nowadays: it was distributed on floppy disks, and paying the ransom meant sending $189 to a post office box in Panama. As ransomware evolved and became more sophisticated, it came to be classified into two main types:

  1. Lock screen ransomware – this type of ransomware is quite old and less common. It locks the user’s screen and frequently flashes spoofed messages designed to make you believe they come from the police. Its objective is to scare the victim into paying the ransom.
  2. Crypto-ransomware – this type of ransomware is by far the most common and the most damaging. Once it gets onto your computer, it begins encrypting all of your files, or the majority of the data on your hard drive, according to file type. The attacker or operator then demands a ransom, most of the time a few hundred dollars, to be paid in bitcoin in exchange for the decryption key that will let you regain access to and read your data.

Encryption, by the way, is the conversion of data into another form called “ciphertext”. In this form, the content of a file can’t be easily understood by anyone who is not authorized or who does not have the decryption key needed to restore the file to its original form.

The bad news is that ransomware is everywhere, which means you can get infected in many different ways. Ransomware can arrive as a simple spam email or as a malicious link or attachment. You can also get infected simply by visiting a legitimate website that has previously been compromised, or a website that contains malicious ads. That’s why it is very important to have an up-to-date antivirus or internet security program that will have your back in case something tries to get in.

The most important advice a user should take into consideration is not to pay. The operators behind these schemes will continue attacking as long as money can be made from it.


Sharath Reddy
