What is a ransomware attack: Ransomware is a type of malicious software that carries out a cryptoviral extortion attack, which blocks access to data until a ransom (money) is paid and displays a message requesting payment to unlock it. (Source: Wikipedia)
Simply put, ransomware locks the system files, and the lock is very difficult to reverse. Advanced ransomware encrypts the user’s data and stores it in a zip file. To access the data, the victim has to pay a ransom: the attackers ask for a payment to decrypt the data. Ransomware attacks are typically carried out using a Trojan that has a payload disguised as a legitimate file.
Ransomware attacks are of 4 types:
- Encrypt Ransomware
- Non-encrypt Ransomware
- Leakware or Doxware
- Mobile Ransomware
Ransomware Attack History:
Reveton was a major ransomware in 2012. It began spreading in European countries and then shifted to the US and Canada.
Encrypting ransomware reappeared in September 2013 with a Trojan known as CryptoLocker, which generated a 2048-bit RSA key pair that was uploaded in turn to a command-and-control server and used to encrypt files matching a whitelist of specific file extensions.
CryptoLocker.F and TorrentLocker:
In September 2014, a wave of ransomware Trojans surfaced that first targeted users in Australia, under the names CryptoWall and CryptoLocker (which is, as with CryptoLocker 2.0, unrelated to the original CryptoLocker).
Another major ransomware Trojan targeting Windows, CryptoWall, first appeared in 2014. One strain of CryptoWall was distributed as part of a malvertising campaign on the Zedo ad network in late September 2014 that targeted several major websites.
Fusob is one of the major mobile ransomware families. Between April 2015 and March 2016, about 56 percent of accounted mobile ransomware was Fusob.
In May 2017, the WannaCry ransomware attack spread through the Internet, using an exploit vector for which Microsoft had issued a “Critical” patch two months before, on March 14, 2017. The WannaCry ransomware attack infected over 75,000 users in over 99 countries, using 20 different languages to demand money from users. The attack affected Telefónica and several other large companies in Spain, as well as parts of the British National Health Service (NHS), where at least 16 hospitals had to turn away patients or cancel scheduled operations. It also affected FedEx, Deutsche Bahn, the Russian Interior Ministry and the Russian telecom MegaFon.