
Ransomware - Trojan in Disguise

 




You log into the computer, and it boots up. But instead of seeing the welcome screen, you get a dialog box. 


"Your data has been encrypted. To recover, pay $$ of Bitcoin."


The message also has a countdown timer, which indicates a payment deadline. 

Passwords, credit card details, and personal videos and pictures have all been compromised. The hacker even threatens to leak everything online.


What happened......


Ransomware is a type of malware that encrypts personal data and blocks access to a computer/network.

To regain control, a ransom needs to be paid. Usually this is through Bitcoin or other cryptocurrencies.

On payment, a key is given, which decrypts everything and returns access to the system.

However, you could be placed on a "Sucker's list", which is sold on the dark web. This can attract more ransomware attacks in the future.


History....


Originating in the 90s, the attacks were first recorded in Russia. Since then, they have crossed into Europe and North America. The hackers have also transitioned from a lone wolf setup to organized crime cartels.


Modus Operandi


The attack transpires in five different stages:


1. The victim is redirected to a malicious website via adware or email attachments. The virus gains access when a link is clicked or trojan software is installed. Infected USB drives or external hard discs are another mode of entry.


2. Once inside, the malware tunnels deep into the operating system. Here the payload is detonated.


3. The virus attacks as many files as possible. It also downloads other malware to facilitate its progress.


4. It targets the Master Boot Record present on the primary storage device. This is a piece of software that loads the operating system. It gets overwritten by malicious code.


5. To get full control, a restart is prompted. Once done, the malware has complete control of the system.


Prevention


1. Ransomware targets weak system points, known as Zero Day Exploits. Regularly update the operating system. 


2. When visiting websites, refrain from clicking unknown links. Type the site address manually. This reduces the chance of being directed to a malicious one.


3. On connecting any USB drive or external hard disc, pass it through a USB Key Sanitizer. This removes any malicious files present on it.


4. Invest in antivirus software, preferably a paid one. This guarantees better service and regular updates.




Additional Information

https://www.checkpoint.com/cyber-hub/threat-prevention/ransomware/


