What is Ransomware?

Ransomeware is a type of malacious software designed to block access to a computer system until ransom or in other words a sum of money is paid. Simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse. More advanced malware encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. The ransomware may also encrypt the computer's Master File Table (MFT) or the entire hard drive. Thus, ransomware is a denial-of-access attack that prevents computer users from accessing files since it is intractable to decrypt the files without the decryption key. Ransomware attacks are typically carried out using a Trojan that has a payload disguised as a legitimate file.

 WannaCry, also known as WanaCrypt0r 2.0, WannaCry and WCry, is a form of "ransomware".

Estimated Earnings?

While initially popular in Russia, the use of ransomware scams has grown internationally; in June 2013, security software vendor McAfee released data showing that it had collected over 250,000 unique samples of ransomware in the first quarter of 2013, more than double the number it had obtained in the first quarter of 2012. Wide-ranging attacks involving encryption-based ransomware began to increase through Trojans such as CryptoLocker, which had procured an estimated US$3 million before it was taken down by authorities, and CryptoWall, which was estimated by the US Federal Bureau of Investigation (FBI) to have accrued over $18m by June 2015.

Payement Method?

Payment is virtually always the goal, and the victim is coerced into paying for the ransomware to be removed—which may or may not actually occur—either by supplying a program that can decrypt the files, or by sending an unlock code that undoes the payload's changes. A key element in making ransomware work for the attacker is a convenient payment system that is hard to trace. A range of such payment methods have been used, including wire transfers, premium-rate text messages, pre-paid voucher services such as Paysafecard, and the digital currency Bitcoin. A 2016 census commissioned by Citrix revealed that larger business are holding bitcoin as contingency plans.

In May 2017 no. of attacks increased all over the world which caused a huge chaos.

Attacks attacked Govt. buildings and other companies. Many car companies in Russia had to stop their work due to inaccessibility to their computers .

Who is behind this?

It was among a large number of hacking tools and other files that a group known as the Shadow Brokers released on the Internet. Shadow Brokers said that they obtained it from a secret NSA server. The identity of Shadow Brokers is unknown though many security experts believe the group that surfaced in 2016 is linked to the Russian goverment.

Also see how to keep yourself safe from Ransomeware click here.