
Ransomware - Trojan in Disguise

 




You log into the computer, and it boots up. But instead of seeing the welcome screen, you get a dialog box. 


"Your data has been encrypted. To recover, pay $$ of Bitcoin."


The message also has a countdown timer, which indicates a payment deadline. 

Passwords, credit card details, and personal videos/pictures have all been compromised. The hacker even threatens to leak everything online.


What happened......


Ransomware is a type of malware that encrypts personal data and blocks access to a computer/network.

To regain control, a ransom needs to be paid. Usually this is through Bitcoin or other cryptocurrencies.

On payment, a key is given, which decrypts everything, and returns access to the system. 

However, you could be placed on a "Sucker's list", which is sold on the dark web. This can attract more ransomware attacks in the future.


History....


Originating in the 90s, the attacks were first recorded in Russia. Since then, they have crossed into Europe and North America. The hackers also transitioned from a lone-wolf setup to organized crime cartels.


Modus Operandi


The attack transpires in five different stages:


1. The victim is redirected to a malicious website via adware or email attachments. The virus gains access when a link is clicked or trojan software is installed. Infected USB drives or external hard discs are another mode of entry.


2. Once inside, the malware tunnels deep into the operating system. Here the payload is detonated.


3. The virus attacks as many files as possible. It also downloads other malware to facilitate its progress.


4. It targets the Master Boot Record present in the primary storage device. This is a piece of software that loads the Operating System. It gets overwritten by malicious code.


5. To get full control, a restart is prompted. Once done, the malware has complete control of the system.


Prevention


1. Ransomware targets weak system points, known as Zero Day Exploits. Regularly update the operating system. 


2. When visiting websites, refrain from clicking unknown links. Type the site address manually. This reduces the chance of being directed to malicious ones.


3. On connecting any USB drive or external hard disc, pass it through a USB Key Sanitizer. This removes any malicious files present on it.


4. Invest in antivirus software, preferably a paid one. This guarantees better service and regular updates.




Additional Information

https://www.checkpoint.com/cyber-hub/threat-prevention/ransomware/


