Ransomware is a type of malicious software designed to block access to a computer system until a ransom, in other words a sum of money, is paid. Simple ransomware may lock the system in a way that is not difficult for a knowledgeable person to reverse. More advanced malware encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. The ransomware may also encrypt the computer's Master File Table (MFT) or the entire hard drive. Thus, ransomware is a denial-of-access attack that prevents computer users from accessing files, since it is intractable to decrypt the files without the decryption key. Ransomware attacks are typically carried out using a Trojan that has a payload disguised as a legitimate file.
WannaCry, also known as WanaCrypt0r 2.0 and WCry, is a form of ransomware.
Estimated Earnings?
While initially popular in Russia, the use of ransomware scams has grown internationally; in June 2013, security software vendor McAfee released data showing that it had collected over 250,000 unique samples of ransomware in the first quarter of 2013, more than double the number it had obtained in the first quarter of 2012. Wide-ranging attacks involving encryption-based ransomware began to increase through Trojans such as CryptoLocker, which had procured an estimated US$3 million before it was taken down by authorities, and CryptoWall, which was estimated by the US Federal Bureau of Investigation (FBI) to have accrued over $18m by June 2015.
Payment Method?
Payment is virtually always the goal, and the victim is coerced into paying for the ransomware to be removed (which may or may not actually occur), either by supplying a program that can decrypt the files, or by sending an unlock code that undoes the payload's changes. A key element in making ransomware work for the attacker is a convenient payment system that is hard to trace. A range of such payment methods have been used, including wire transfers, premium-rate text messages, pre-paid voucher services such as Paysafecard, and the digital currency Bitcoin. A 2016 census commissioned by Citrix revealed that larger businesses are holding bitcoin as contingency plans.
In May 2017 the number of attacks increased all over the world, causing huge chaos. The attacks hit government buildings and other companies. Many car companies in Russia had to stop work because they could not access their computers.
Who is behind this?
It was among a large number of hacking tools and other files that a group known as the Shadow Brokers released on the Internet. Shadow Brokers said that they obtained it from a secret NSA server. The identity of Shadow Brokers is unknown, though many security experts believe the group, which surfaced in 2016, is linked to the Russian government.