What is Ransomware | Blog | Humanize

Download handbook

Home / Blog / What is Ransomware? Definition, Types & Mitigation Blog

What is Ransomware? Definition, Types & Mitigation

Published on Jun 21 2022

Ransomware is malicious software that threatens to publish or prevent access to data or a computer system until the victim pays a ransom price to the attacker. The ransom demand is frequently accompanied by a deadline. If the victim does not pay the ransom in a timely manner, the data will be lost forever, or the ransom will be increased. There are different variants of ransomware, some of the most seen ransomwares are listed below:

 

Types of ransomwares

  • WannaCry

WannaCry is a ransomware infection that spreads by exploiting flaws in Microsoft's Windows operating system (OS). It is a type of virus that may travel over networks from PC to PC and then encrypt important files once installed (the "crypto" part). The criminals then demand ransom payments to recover the files.

  • Bad Rabbit

Bad Rabbit is ransomware that spreads through unsecured websites through "drive-by assaults." Although it is unclear who is behind the Bad Rabbit malware, the cybersecurity industry knows that whoever it is, is a Game of Thrones aficionado. Viserion, Dragon, and Rhaegal, the dragons from the popular program and novels, are all mentioned in the code.

  • Cerber 

Cerber ransomware is malware (malicious software) that encrypts your files and holds them captive until you pay a ransom. It operates on a ransomware-as-a-service (RaaS) basis, in which affiliates buy and then disseminate the software. For the use of the malware, the developers are paid commissions. Cerber employs strong encryption, and no free decryptors are currently accessible.

  • Crysis

Crysis is a ransomware infection that encrypts files on a computer. Crysis infects a system by a variety of means, including using weak or leaked RDP credentials, malicious email attachments, and being presented for download as an installation for a game or other legal software.

  • Goldeneye

The Goldeneye ransomware employs a hybrid attack strategy. First, two viruses are downloaded simultaneously. Mischa and Petya are their names. Second, these infections encrypt data and then demand money in exchange for the decryption key, like with all ransomwares.

  • Jigsaw

Jigsaw only targets PCs with the Windows operating system. Jigsaw includes a countdown timer. The Jigsaw clock starts ticking once the infection is installed. It will begin removing a few files per hour for the first 24 hours.

  • Locky

Locky infects victims by encrypting their data, making them unavailable and unusable, and then demanding a payment in exchange for them chevalier. The crooks claim to provide victims with a Locky ransomware decryption key that only they have, incentivizing them to pay the ransom.

  • Crypto locker

Crypto Locker is a type of ransomware that encrypts the contents of affected machines to prevent access most commonly done through phishing emails with harmful attachments. Once infected, victims are asked to pay a "ransom" to have their files decrypted and recovered.

  • GandCrab

GandCrab is a type of ransomware that encrypts and renames all the user's files. It has an affiliate marketing business model, sometimes known as Ransomware-as-a-Service (RaaS), in which low-level cybercriminals undertake the legwork of finding new victims, leaving the threat developers free to tweak and improve their creation.

  • Ryuk

Ryuk is a form of ransomware used in targeted attacks, in which threat actors encrypt important files to demand big ransom payments. The average Ryuk ransom demand is in the hundreds of thousands of dollars.

 

Measures to prevent Ransomware attacks


Never click on any untrustworthy links:

Clicking on links in spam messages or on unfamiliar websites should be avoided. When you click on malicious links, an automated download may begin, potentially infecting your machine.


Open questionable email attachments with caution:

Ransomware can also infect your computer via email attachments. You should be cautious while opening any attachments that appear suspicious. Pay special attention to the sender and make sure the address is correct to ensure the email is trustworthy.


Only use known USB sticks:

If you do not know where USB sticks or other storage media belongs from, do not attach them to your computer. Cybercriminals may have contaminated the storage medium and left it in a public place in the hopes that someone would use it.


Maintain the latest versions of your apps and operating system:

Malware can be avoided by regularly updating programs and operating systems. Make sure you get the latest security patches while doing updates. This makes it more difficult for fraudsters to exploit flaws in your software.


On public Wi-Fi networks, use VPN services:

Using public Wi-Fi networks with caution is a good way to protect yourself from ransomware. Your PC is more exposed to assaults while connected to a public Wi-Fi network. Avoid utilizing public Wi-Fi for critical transactions or use to stay safe.

 

 

Conclusion

Ransomware attacks take numerous forms and come in a variety of sizes and shapes. The type of ransomware deployed is influenced by the attack vector. It is vital to always examine what is at stake or what data could be erased or published when estimating the magnitude and scope of an assault. Regardless matter the form of ransomware, storing data and using protection tools properly can dramatically reduce the severity of an attack.

 

           

Discover Salience with our 14-day money back guarantee