Ransomware: the new kind of malware

Ransomware malware

Ransomware is one of the greatest emerging cybercrime challenges. It is the largest malware category, and most phishing emails in 2016 contain ransomware. The tactic is to extort the victim by encrypting the victim’s documents, files or disks until the person pays a ransom fee via bitcoin or voucher.

The main mode of infection is a phishing email. This social engineering attack tricks the victim with a call to action from a “trusted” source, either to visit a malicious URL or to download an executable file attachment.

A ransomware infection comes in a great number of forms. Ransomware targets all types of sensitive data that can lead to a successful extortion. The extortion often takes the form of files being encrypted until the user pays for the key, as with the Cryptolocker malware that was prevalent a few years ago. Cryptolocker encrypts files on the victim’s drive. The private key is held on the criminal’s botnet server. The victim must pay the criminal to obtain the key and recover their files or access to the drive.

The growth in ransomware has occurred just in the past few years. It is getting easier to send ransomware and it offers a quick and easy return on investment. As the cost of deploying and controlling ransomware becomes lower, the extortion fee can also be reduced. The criminal maintains the margin whilst it becomes easier and more likely for the victim to just pay the fee.

Victims of ransomware phishing emails are generally soft targets. The audience has become a little more skeptical of the traditional finance / banking types of emails. But as ransomware emails are a more recent phenomenon, the user can easily be duped into clicking on the link or attachment.

These newer phishing emails can often be targeted, similar to a spear phishing campaign, with personal details or a more general social engineering component, such as “thank you for your Resume”.


21 Responses
  1. […] Essentially it adds its victims into a botnet (an internet-connected network which an attacker can control simultaneously by a command server), which in actuality can do anything and everything to the victim’s computer depending on what payload the attacker decides to distribute. Noteworthy payloads include DDoS attacks, stealing sensitive data, or even forceful seizing of assets via vicious ransomware. […]

  2. […] Ransomware and Cryptocurrency mining attacks have been very frequent this year, attacking not only unsuspecting individuals, but corporate systems as well. They share a few similarities and mostly engage in digital currencies. And like other malware and hacking tools, they are also on the verge of evolving. These are both non-complex intrusions in nature but make no mistake, they have the power to take over your CPU resources to achieve their goals. These attacks are at the very top of cyber threats this year. […]

  3. […] Ransomware has been one of the most annoying malware attacks in both corporate and individual environments, because it will specifically ask you for a ransom to unlock your computer. In case you find a way to unlock your own computer the files will remain encrypted unless you are too cautious and have backed up important files and documents where encrypted files would not matter much. […]
