12th August, 2017

A ransomware is a malware that restricts user’s access to its system until a certain sum of money is paid.  It appears as a random note on screen and may look like a legal notice or threat. A ransomware may arrive in the computer system through malicious emails, websites or spams. Cases of ransomware attacks have been increasing day by day and in order to protect your systems from getting affected, you must stay updated about its various forms and how they work.

Here is a list of different strains of ransomware.

WannaCry – The ransomware affected thousands of computer systems this year. It works by exploiting a flaw in Windows’  “Server Message Block (SMB)”protocol. After infecting the system, the malware spreads, encrypts the files and asks the victim to pay in bitcoins in exchange for the decryption key.

Cerber – This ransomware uses phishing emails or exploit kits to gain user’s information. It doesn’t need an active internet connection to run and therefore disconnecting from the web won’t stop the encryption.

Crysis – It uses RSA and AES (Advanced Encryption Standard) encryption algorithms which make the recovery of files almost impossible. The malicious code affects the system and asks for ransom in return of the decrypted files.

CryptoLocker – This malware is distributed via spam email that contains infected attachments or links. The cyber criminals trick people by sending emails regarding their shipment or cancellation of orders. This ransomware uses AES CBC 256-bit encryption algorithm and asks for a payment of around $1300.

CryptoWall – Distributed via spams and exploit kits, this ransomware appeared after the downfall of CryptoLocker. The CryptoWall 4.0 released in 2015, encrypts file names of the encrypted files which makes it more difficult to identify the infected files.

CTB-Locker – CTB is an acronym for Curve, Tor and Bitcoin. These words are basically the advantages offered by this malware, which allows the cyber criminals to access and infect the systems without being traced back.  CTB-Locker uses unique RSA key to encrypt files.

ZCryptor – This malicious software is a cryptoworm. It not only affects the victim’s system but also copies itself to the other connected devices and computers. To infect the system, the ransomware masquerades to be an installer of some famous program like Adobe Flash or enters through the infected MS Word macro files.

Jigsaw – It uses the AES algorithm to encrypt the files and deletes them with every passing hour, until the money is paid in the form of bitcoins. If the user tries to restart the system, 1000 files are instantly deleted.

  • Protective Measures
  • Always keep a backup on an external drive
  • Install a comprehensive security software
  • Know how to recognize spam emails
  • Keep your operating system and software up to date
  • Avoid downloading apps from unfamiliar websites on your mobile

For complete network security solutions, contact Centex Technologies at (855) 375 – 9654.