What is Ransomware, its types, how does it work, ways to prevent ransomware, and more

Ransomware is a type of malicious software created by hackers with the aim of extorting money. It encrypts the data and files on your computer or Android phone, or may even lock the device entirely, and prevents access to those files or data until the attacker receives the extorted money. Because such payments are difficult to trace, attackers typically demand payment in cryptocurrency. If payment is not made, attackers may steal your data and potentially expose it on the dark web. Even after paying the ransom, there is no assurance that the situation will fully return to normal.

It is advisable not to pay the ransom to the attackers, and instead to file a cybercrime complaint about the incident, for the following reasons:

  • There is no assurance that paying the ransom will result in the release of your files; in certain instances, the hackers may abscond with your money.
  • Despite paying the ransom, hackers might retain the ability to access and compromise your computer or device.
  • Paying the ransom gives hackers the opportunity to target additional victims as they recognize the potential for profit.
  • Paying the ransom could unintentionally support further illegal activities that the hackers may be engaged in.
  • Paying the ransom poses a risk of endangering not only yourself but also others, as hackers might exploit your personal information for identity theft or other unlawful purposes.

What are the different types of ransomware

  • Crypto Ransomware: It encrypts your data and files, demanding payment for decryption.
  • Locker Ransomware: Lockers restrict access to your data, applications, and the entire system. The ransom demand is displayed on a lock screen, sometimes accompanied by a countdown clock, creating a sense of urgency for victims to respond.
  • Scareware: It intimidates victims with false threats to extort money. This deceptive software requests payment by falsely claiming to have detected a virus or another issue on your computer. While some scareware programs may genuinely harm files, others simply overload the screen with pop-up notifications.
  • Doxware or leakware: Threatens to disclose sensitive information unless the ransom is paid.
  • Double Extortion: The phrase “double extortion” describes a specific type of cyberattack in which the attacker encrypts the victim’s data and demands payment in ransom, threatening to expose the information publicly if the demand is not met.
  • Ransomware-as-a-service (RaaS): Cyber attackers can carry out ransomware attacks using malware offered as "ransomware-as-a-service", or RaaS, which eliminates the need to develop or install the software independently. Providers of RaaS typically advertise their services on dark web forums or marketplaces and receive a percentage of the ransom payments made by victims.
  • Mobile Ransomware: It has the capability to infect your devices, encrypting your personal data.

Well-known ransomware that people are aware of

  • SamSam
  • TeslaCrypt
  • Android OS/MailLocker.B
  • Koler.a
  • Akira
  • NotPetya
  • SimpLocker
  • Sodinokibi
  • WannaCry
  • Android/Filecoder.C

How ransomware gets into your device

Ransomware infects devices through:

  • Phishing emails
  • Third-party websites
  • Downloading software from unknown or untrusted sources
  • Clicking on unknown links
  • SMS scams
  • Infected USB drives

What files or data are affected by ransomware

Once activated, the ransomware scans both local and network drives to identify files that need encryption. It specifically targets files considered crucial to individuals or businesses, including backup files that might be essential for data recovery. The following are common files affected by ransomware:

  • Microsoft Office: earlier versions as well as .xlsx, .docx, and .pptx files
  • Images: .png, .jpeg, .gif
  • Data: .ai and .sql
  • Video: .mp4, .avi, and .m4a, etc.
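
Because crypto ransomware overwrites these files with encrypted data, an affected file usually no longer begins with the header bytes its format requires. The following is an added example, not part of the original article: a small defensive check that walks a folder and flags files whose header contradicts their extension. The function names and the signature table (standard format signatures, limited to some of the types listed above) are assumptions of this example.

```python
import math, os, tempfile
from collections import Counter

# Leading "magic" bytes per extension; .docx/.xlsx/.pptx are ZIP archives.
MAGIC = {
    ".docx": (b"PK\x03\x04",), ".xlsx": (b"PK\x03\x04",), ".pptx": (b"PK\x03\x04",),
    ".png": (b"\x89PNG\r\n\x1a\n",), ".jpeg": (b"\xff\xd8\xff",),
    ".gif": (b"GIF87a", b"GIF89a"),
}

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; values near 8.0 look like random data."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def suspect_entropy(path: str, sample: int = 4096):
    """Entropy of the file head if its header contradicts its extension, else None."""
    ext = os.path.splitext(path)[1].lower()
    if ext not in MAGIC:
        return None  # no signature known for this type
    with open(path, "rb") as fh:
        head = fh.read(sample)
    if head.startswith(MAGIC[ext]):
        return None  # header matches the claimed format
    return round(entropy(head), 2)

def scan(root: str) -> dict:
    """Walk root and map each suspect path to the entropy of its first bytes."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            score = suspect_entropy(path)
            if score is not None:
                findings[path] = score
    return findings

def demo() -> dict:
    """Constructed sample: an intact PNG header and a 'docx' made of random bytes."""
    root = tempfile.mkdtemp()
    with open(os.path.join(root, "photo.png"), "wb") as fh:
        fh.write(b"\x89PNG\r\n\x1a\n" + b"\x00" * 64)
    with open(os.path.join(root, "report.docx"), "wb") as fh:
        fh.write(os.urandom(4096))  # stands in for an encrypted document
    return {os.path.basename(p): e for p, e in scan(root).items()}

if __name__ == "__main__":
    print(demo())
```

A flagged file with entropy close to 8.0 is consistent with encryption, while a low value points to ordinary corruption or a mislabeled file. Files that have been renamed to a new extension are skipped by this check, so it complements backups and anti-malware tools and does not replace them.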

How to prevent ransomware attacks

Some important tips that can help in protecting your digital life from ransomware or malware are as follows:

  • Regularly backing up your data is crucial; it ensures that you can restore your information without resorting to paying a ransom.
  • Protect your system by installing antivirus and anti-malware software. Consider using reputable programs such as AVG, McAfee, BitDefender, Norton, and others.
  • Refrain from opening attachments or links in suspicious and unfamiliar emails. Always verify the legitimacy of the sender before taking any action.
  • Regularly update your operating system and software to address potential vulnerabilities.
  • Refrain from using USB or pen drives that belong to others, as they might contain viruses.
  • Ensure you always download your software from well-known and trusted sources. Also, avoid using modified software or apps.
