Tag: Ransomware

Ransomware is a cryptovirology attack carried out using covertly installed malware that encrypts the victim’s files and then requests a ransom payment in return for the decryption key that is needed to recover the encrypted files. Thus, ransomware is an access-denial type of attack that prevents legitimate users from accessing files, since it is intractable to decrypt the files without the decryption key. Other attacks superficially lock the system and display messages intended to coax the user into paying. Ransomware typically propagates as a Trojan, whose payload is disguised as a seemingly legitimate file.

While initially popular in Russia, the use of ransomware scams has grown internationally; in June 2013, security software vendor McAfee released data showing that it had collected over 250,000 unique samples of ransomware in the first quarter of 2013, more than double the number it had obtained in the first quarter of 2012. Wide-ranging attacks involving encryption-based ransomware began to increase through Trojans such as CryptoLocker, which had procured an estimated US$3 million before it was taken down by authorities, and CryptoWall, which was estimated by the US Federal Bureau of Investigation (FBI) to have accrued over $18m by June 2015.

The cybercrime economy has "now become a kind of mirror image of contemporary capitalism", says paper.
Some criminals are shifting from ransomware to cryptocurrency miners - those behind XiaoBa have rejigged the code to shift the same malware towards a different focus.
While established cyber-attack vectors, such as malware and ransomware, continue to be a challenge for IT security pros, a panel of experts at the SANS Institute detailed new and emerging threats.
"The extensive disruption caused by WannaCry laid bare serious vulnerabilities in the cyber security and response plans of the NHS," warn MPs.
Cryptomining malware is the top threat to watch out for in 2018, according to a Q1 analysis of threats.
Cisco is also adding new capabilities designed to protect employee devices from ransomware, cryptomining, and fileless malware.
What made Atlanta an easy target was its outdated use of technology: old computers running on non-supported platforms, which are also a characteristic of many municipalities and most major cities.
Verizon pegged ransomware as the most prevalent malware in its 2018 Data Breach Investigations Report.
Verizon's 2018 Data Breach Investigations Report finds that 68 percent of breaches took months for organizations to discover.
Researchers are warning of a new email phishing campaign that launches a trojan capable of distributing ransomware and stealing passwords.