Ransomware/Cryptolocker/Locky – Virus or Encryption

ranssomware

Ransomware is a computer program which is specially designed to restrict access to files and data of a particular system when gets into it. Currently Ransomware (alias: Cryptolocker or Locky) is the most popular attacks which are infecting computer system around the world at an increasing rate. Ransomware enters a system through email attachment from trusted domains. Ransomware Removal Tool is still not possible to develop. When the user opens the attachment, it gets into the computer system and executes an encryption program which starts encrypting the data files on the system with a unique encryption key using various algorithms like RSA.

The motive to this encryption is to get an amount of Ransom in the form of bit coins which goes directly to the person who has program ransomware. Antivirus Software Companies has declared Ransomware as the most dangerous cyber threat for which there is still no solution for it.

Ransomware got popular in 2013 when it affected computer user in Russia. Later on many antivirus software companies also confirmed that they have collected millions of Ransomware samples in the beginning of 2013. Later on Ransomware got modified with two new versions with name: Cryptolocker and Cryptowall which result in huge monetary loss.

There are various forms of Ransomware upon its nature of infection they caused to the computer system:

Encrypting Ransomware

The Encrypting Ransomware using a public key encryption phenomenon using RSA encryption algorithm which encrypts the data files or the entire hard drive as well which doesn’t allows the user to access the data present on the system. Ransomware became prominent when it came up with a new version “Cryptolocker” which demanded a sum of amount in the form of Ransom which is to be paid in bit coins to get the decryption key for the encrypted data.  Also there is no guarantee that the user will get the decryption code after paying the ransom amount.

Non-Encrypting Ransomware

The Non-Encrypting Ransomware doesn’t encrypt the data files present in the system. There are various infecting methods used by Non-Encrypting Ransomware:

  • Some Ransomware gets into the user’s computer system and starts displaying Pornographic images in their desktop. Along with this it also display a help message to get rid of this display by sending a premium-rate SMS which could costs very high confirming that they will receive a code which will unlock their machines and stops displaying porn images.
  • Some Ransomware used a notice of Windows Product Activation to fool the computer users. This program guides them to follows a link to reactivate their Windows and the link always remains unavailable. Due to which the user calls on the helpline number written on the notice which results in huge money loss as the call are made to international numbers which gets busy for a long period of time.

 

Leakware

Leakware can be referred to as opposite of what Ransomware does. Leakware doesn’t restrict user’s access to its data files but threaten them to publish stolen information from user’s computer. The Ransomware save the sensitive information from user’s computer and threaten the user to publish it publicly. Generally users become worried and pay the ransom amount to save its sensitive data.

At the end, I need to clear that Ransomware is not a virus but only an encryption program.

That’s all in this discussion of Ransomeware. I do believe that the facts mentioned above are true as per my knowledge. I would be happy to if any reader wanted to give their valuable suggestions on the above discussed topic.

To protect your system from Ransomware we strongly suggest that users don’t open mail with attachments which they are not sure about.

We will be back with some more interesting facts about Ransomware. Till then keep Protegent in your system for secure computer use.

Comments are closed.