WHAT IS RANSOMWARE?
Ransomware is a type of malware thatinfects a computer and restricts a user’s access to the infected
computer. This type of malware, which has now been observed for several
years, attempts to extort money from victims by displaying an on-screen
alert. These alerts often state that their computer has been locked or
that all of their files have been encrypted, and demand that a ransom is
paid to restore access. This ransom is typically in the range of
$100–$300 dollars, and is sometimes demanded in virtual currency, such
as Bitcoin.
Ransomware is typically spread through phishing emails
that contain malicious attachments and drive-by downloading. Drive-by
downloading occurs when a user unknowingly visits an infected website
and malware is downloaded and installed without their knowledge. Crypto
ransomware, a variant that encrypts files, is typically spread through
similar methods, and has been spread through Web-based instant messaging
applications.
WHY IS IT SO EFFECTIVE?
The authors ofransomware instill fear and panic into their victims, causing them to
click on a link or pay a ransom, and inevitably become infected with
additional malware, including messages similar to those below:
- “Your computer has been infected with a virus. Click here to resolve the issue.”
- “Your computer was used to visit websites with illegal content. To unlock your computer, you must pay a $100 fine.”
- “All files on your computer have been encrypted. You must pay this ransom within 72 hours to regain access to your data.”
https://www.us-cert.gov/ncas/alerts/TA14-295A
No comments:
Post a Comment