Ransomware - Trojan in Disguise

 




You log into the computer, and it boots up. But instead of seeing the welcome screen, you get a dialog box. 


"Your data has been encrypted. To recover, pay $$ of Bitcoin."


The message also has a countdown timer, which indicates a payment deadline. 

Passwords, credit card details, and personal videos and pictures have all been compromised. The hacker even threatens to leak everything online.


What happened......


Ransomware is a type of malware that encrypts personal data and blocks access to a computer/network.

To regain control, a ransom needs to be paid. Usually this is through Bitcoin or other cryptocurrencies.

On payment, a key is given, which decrypts everything, and returns access to the system. 

However, you could be placed on a "Sucker's list", which is sold on the dark web. This can attract more ransomware attacks in the future.


History....


Originating in the 90s, the attacks were first recorded in Russia. Since then, they have crossed into Europe and North America. The hackers also transitioned from a lone wolf setup to organized crime cartels.


Modus Operandi


The attack transpires in five different stages:


1. The victim is redirected to a malicious website via adware or email attachments. The virus gains access when a link is clicked or trojan software is installed. Infected USB drives or external hard discs are another mode of entry.


2. Once inside, the malware tunnels deep into the operating system. Here the payload is detonated.


3. The virus attacks as many files as possible. It also downloads other malware to facilitate its progress.


4. It targets the Master Boot Record present on the primary storage device. This is a piece of software that loads the Operating System. It gets overwritten by malicious code.


5. To get full control, a restart is prompted. Once done, the malware has complete control of the system.


Prevention


1. Ransomware targets weak system points, known as Zero Day Exploits. Regularly update the operating system. 


2. When visiting websites, refrain from clicking unknown links. Type the site address manually. This reduces the chance of being directed to malicious ones.


3. When connecting any USB drive or external hard disc, pass it through a USB Key Sanitizer. This removes any malicious files present on it.


4. Invest in antivirus software, preferably a paid one. This guarantees better service and regular updates.




Additional Information

https://www.checkpoint.com/cyber-hub/threat-prevention/ransomware/


