
What is ransomware? An in-depth analysis of ransomware

It’s quite common for people to be held for ransom, especially when their relatives are well off. A person is taken hostage and the kidnappers ask the relatives to pay huge sums if they want their loved one back unharmed. Sometimes the ransom is paid and the victim returns home, while on some occasions the authorities intervene in time to save the victim’s life as well as the family’s money. And sadly, on some occasions, people lose their lives.



Computers have become so important to people in today’s world, and the data stored in them so valuable, that nowadays even computers are held for ransom. But how? This takes place through malicious software called ransomware. Below, we make an in-depth analysis of ransomware, which, though it has been around for a long time, has become quite notorious lately.

What is ransomware?

Ransomware is a type of malicious software that restricts access to the computer it has infected and demands that a ransom be paid to the malware creator for that restriction to be removed. Some ransomware works by encrypting the files on the computer’s hard drive, whereas other variants lock the infected system and display messages that pressure the user into paying a certain sum of money. Ransomware was initially popular only in Russia, but its notoriety has spread to other countries over the years.

How does it work?

Ransomware infects a computer system just as conventional computer worms do. It enters a system through file transfer or through security weaknesses exposed over the internet. The malicious software then runs a payload. In one type of this malware, the payload encrypts the files stored on the computer’s hard drive, and only the author of the malware knows how to decrypt them. In the other type, interaction with the system itself is blocked. After that, various scare tactics are employed to extort money from the user. These include displaying messages claiming that the activation period of Windows has expired, or that the authorities have identified pornographic material on the system and the user will be sued. The user has to pay the ransom, which is paid through wire transfer or bitcoins. The system returns to normal after the authors of the ransomware send a program that decrypts the files, or an unlock code, which undoes the harm done by the ransomware.

How has it evolved since its genesis?

The first ransomware in the world was seen in 1989. It was called “AIDS Trojan” and was created by Joseph Popp. The malware operated by claiming that the user’s certificate to use a particular piece of software had expired, and it encrypted filenames on the hard drive. It asked users to pay 189 USD to unlock the system. In 1996, Adam L. Young and Moti Yung introduced the concept of public key cryptography into ransomware. The major ransomware families known lately are TROJ.RANSOM.A, Gpcode, Cryzip, Archiveus, Krotten, MayArchive, Reveton and CryptoLocker.

How to protect your computer from ransomware?

There are two sides to this question. They are answered below.

What to do before the computer is infected by ransomware?

1. Use a good antivirus utility.

2. Do not open unexpected attachments and spam.

3. Keep Windows and your browser updated.

4. Keep a good backup of your files, as it can be hard to recover the files once the computer is infected.

What to do if the computer is infected by ransomware?

Remove the ransomware:

1. The simplest ransomware, like a fake antivirus or a fake clean-up tool, can be removed by running Windows in Safe Mode and running an on-demand malware scanner like Malwarebytes.

2. If the ransomware prevents users from entering Windows or running programs, as lock-screen viruses do, System Restore can be used to roll Windows back in time.

Recover hidden and encrypted files:

1. Sometimes the infecting malware doesn’t encrypt the files but simply hides them. They can be easily recovered by enabling “Show Hidden Files”.

2. But what if the files are encrypted? Well, the answer’s hard. If you want the files back, you have to pay the author of the ransomware. And it isn’t guaranteed that he’ll enable you to retrieve your files, i.e. that he’ll send you the decryption program or the unlock code. So it’s best to prevent the infection itself and keep a good backup of your files.
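To tell the two cases above apart before deciding how to recover, the following added example (not from the original post) reports for each file whether it is merely hidden and whether its content looks encrypted. The signature table, the 7.5 bits-per-byte threshold and the sample files are assumptions made for illustration.

```python
import math
import os
import stat
import tempfile
from collections import Counter

# Assumption: a small, non-exhaustive table of file signatures for common types.
MAGIC = {".pdf": b"%PDF", ".png": b"\x89PNG", ".jpg": b"\xff\xd8\xff",
         ".zip": b"PK\x03\x04", ".docx": b"PK\x03\x04"}

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; encrypted data sits close to 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def is_hidden(path: str) -> bool:
    """Windows hidden attribute, or a dot-prefixed name on other systems."""
    attrs = getattr(os.stat(path), "st_file_attributes", 0)
    flag = getattr(stat, "FILE_ATTRIBUTE_HIDDEN", 0x2)
    return bool(attrs & flag) or os.path.basename(path).startswith(".")

def triage(path: str, sample: int = 65536, threshold: float = 7.5):
    """Return (hidden, verdict); verdict is 'readable' or 'likely-encrypted'."""
    with open(path, "rb") as fh:
        head = fh.read(sample)
    magic = MAGIC.get(os.path.splitext(path)[1].lower())
    header_ok = magic is not None and head.startswith(magic)
    # A valid signature means the file still opens as its own type, even if
    # the format is compressed and therefore high-entropy (e.g. .zip, .jpg).
    scrambled = not header_ok and entropy(head) >= threshold
    return is_hidden(path), "likely-encrypted" if scrambled else "readable"

def demo():
    """Run triage over constructed sample files in a temporary directory."""
    with tempfile.TemporaryDirectory() as d:
        samples = {
            "report.pdf": b"%PDF-1.4\n" + b"quarterly figures\n" * 200,
            ".notes.txt": b"hidden but untouched\n" * 200,
            "photo.jpg": b"\x00" + os.urandom(65535),  # stands in for ciphertext
        }
        out = {}
        for name, body in samples.items():
            p = os.path.join(d, name)
            with open(p, "wb") as fh:
                fh.write(body)
            out[name] = triage(p)
        return out

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

Files of only a few kilobytes cannot reach the entropy threshold even when encrypted, and compressed files of a type missing from the signature table will be flagged, so treat the verdict as a triage hint and confirm against a backup copy.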

What are your thoughts on ransomware? Have you ever been affected by it? And what do you have to say about our in-depth analysis of ransomware? Was it helpful? Feel free to comment below.
