Everything Ransomware

If you wish to know everything ransomware-related, you’ve come to the right place!

What is ransomware? What can be done with it? Why is it so important to understand it? What are the dangers involved?

LET’S BEGIN


Ransomware
Keeps your information behind a lock

Ransomware is malicious software that restricts access to the infected computer’s systems and is used to extort money (a ransom fee) from the user in exchange for removing the restriction. Some ransomware encrypts the files on the hard drive, making decryption difficult without paying a ransom for the encryption key. Other ransomware simply locks the system and displays a false message claiming that the files cannot be accessed, in order to trick the user and encourage them to pay. Usually, ransomware penetrates the computer as a Trojan horse, disguised as an innocent file, but it can use many other “disguises” as well.

It is very important to note:

Just because the attackers promise to lift the restrictions in exchange for money does not necessarily mean that it will happen!

How will I know I’ve been attacked?

Pretty self-explanatory, isn’t it? The main motive of such attacks is financial, so attackers who want to be paid will make sure to let you know. It may be a pop-up message telling you that everything is blocked, a specific email, or anything else attackers can think of. It is also important to remember that not every such message is necessarily true. You may be presented with such a pop-up message while, in practice, access to your files is not restricted at all. That’s why it’s important to check things to the best of your understanding.
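One way to check whether files were really encrypted or the lock message is a bluff, as an added example that is not part of the original article: it compares each file's first bytes with the well-known signature for its extension and falls back to byte entropy for other files. The entropy threshold, minimum sample size and function names are assumptions chosen for illustration.

```python
import math
import os
from collections import Counter

# Leading "magic" bytes of a few common formats (well-known file signatures).
MAGIC = {
    ".pdf": b"%PDF-",
    ".png": b"\x89PNG\r\n\x1a\n",
    ".jpg": b"\xff\xd8\xff",
    ".zip": b"PK\x03\x04",
    ".docx": b"PK\x03\x04",
}
ENTROPY_LIMIT = 7.5   # assumed threshold, in bits per byte
MIN_SAMPLE = 2048     # entropy of very short samples is not meaningful


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: close to 8.0 for encrypted data, far lower for text."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def classify(path: str) -> str:
    """Return 'intact' or 'suspect' for a single file."""
    with open(path, "rb") as fh:
        head = fh.read(65536)
    magic = MAGIC.get(os.path.splitext(path)[1].lower())
    if magic is not None:
        # Known format: a fully encrypted file no longer starts with its signature.
        return "intact" if head.startswith(magic) else "suspect"
    # Unknown format: fall back to entropy. Compressed files also score high,
    # so 'suspect' here means "look closer", not "encrypted".
    if len(head) >= MIN_SAMPLE and shannon_entropy(head) > ENTROPY_LIMIT:
        return "suspect"
    return "intact"


def scan(root: str) -> dict:
    """Classify every file under root; files that cannot be read are 'unreadable'."""
    results = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            try:
                results[path] = classify(path)
            except OSError:
                results[path] = "unreadable"
    return results
```

Run `scan()` on a copy of the affected folder or from a separate clean system; the header check covers only the first bytes, so opening a sample of files or comparing them against backup hashes remains the stronger test.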

The role of Crypto in Ransomware

So how will we pay the “Kidnappers”? As we know, today there are quite a few sophisticated methods for identifying and tracking money exchanged between two parties. Cryptocurrencies provide a solution to this, as they are encrypted and transferred multiple times to places that are not linked at all to someone’s bank account. There’s really no way to beat that! Therefore, most ransoms today demand payment in cryptocurrency, transferred to the wallet of someone with a fake name.

Cryptolocker Ransomware

Several techniques for executing Ransomware

  • Diskcoder Ransomware – encrypts the hard disk in its entirety and prevents the user from accessing the operating system. Hardware based method.
  • Screen locks – block access to the device’s screen.
  • Encryption – encrypts the personal and important data stored on the victim’s hard drive. Software based method.
  • PIN locks – mainly targeting Android devices, they change the lock codes for these devices to prevent users from using them.

At the end of the day we will understand that the most difficult question is:

Do you have to pay the Ransom?

How will I protect myself?

There are several ways to protect ourselves and prevent incidents like the above. Some of them:

  • Make sure all your files are backed up. If you can restore your files from an existing backup, there is no need to bother with the ransom at all. Report it to the authorities and move on.
  • Antiviruses. Although there is indeed a debate on the subject, such software can help us with active and passive protection and ensure that we do not “travel” in questionable places.
  • Update, update, update! Of course we know how important it is to continuously scan and update the security on our assets. Every day, more and more new threats are discovered, and updates are released accordingly to protect us from them. Another way to protect ourselves is, of course, to perform penetration tests and scans on our systems, to find vulnerabilities and prevent attacks in the first place. One tool that is highly recommended for web applications is Kayran of course.

We were sure that the movies about action heroes rescuing hostages held by criminals would reflect the real superheroes to us. Is it still relevant today?

Stay safe, choose Kayran.
