These Top 5 Ransomware Tricks Have Wreaked Havoc On The Internet
Ransomware, the malicious and notorious malware that literally takes over your machines and demand money to release is on the rise. This cyber extortion has become a headache for the cybersecurity, because despite all checks in place, Ransomware is still able to make it big in their notorious activities.
The ransomware has doubled in the recent years and the money paid to release the machines is to the tune of 2 billion dollars. This figure is from last year, according to researchers at Bitdefender.
The last year 2017, nearly 70% of the business were hit by ransomware, and significantly more than half of the victims paid the money to get their machine released. Interestingly, the ransomware was paid despite the warning from experts not to pay because one is not sure if they will get the files back.
On seeing how the companies have no issues paying the ransom, cybercriminals have pushed their attack to the next level. The hacker is now designing new strategies to extort money, and developed a new lethal ransomware to create havoc in the cyber world.
Who can forget all the last year ransomware, some of the nastiest one is?
WannaCry that hit the cyber world on May 12, 2017, took the world by storm. Thousands of computers were choked, and data seized. Hundreds of businesses and their machines were affected. The victims were from all walks of life ranging from Banks, hospitals, telecommunication and more. Imagine a scene at the hospital where the computer is held for ransom, and the patient is waiting for his details.
WannaCry entered the system through Windows Server Message block protocol using the EternalBlue exploit. Once they get hold of the computer they would encrypt and lock the system and put up a message demanding anything from $300 and above to unlock the system.
One could have easily prevented WannaCry from taking over the system had they run the patch from Microsoft that was released a couple of months before WannaCry existed.
Only a month after WannaCry, another attack exploded, again hitting thousands of organizations and businesses in multiple countries.
After WannaCry the next big thing in the form of Ransomware was NotPetya, which again took thousands of organization and business for a ride. This happened in many countries.
No doubt this was the new version of the infamous Petya ransomware, that looked like a wiper worm that would permanently destroy the data if attacked, but instead it kept the data as a hostage for ransom.
NotPetya reached the Windows computer through a compromised update of accounting tool as well as phishing emails. The hackers used the earlier leaked NSA exploits to put this into effect. They also employed the credential stealing tool, which allowed them to spread the virus through the network from the affected system.
3. Bad Rabbit
As soon as the world finally recovered after the two major attacks, new ransomware dubbed Bad Rabbit hit Eastern Europe and many other countries around the world.
After the two successive ransomware attack, once again the world woke up to a new kind of ransomware called Bad Rabbit. This originated from Eastern Europe. This was a smart malware that spread its tentacles through malicious downloads. Popular websites were injected with malware dropper disguised as an Adobe Flash Installer, and the hackers would patiently wait for a user to download that installer.
Once the user installs the virus, he is found locked and not able to access his files. Then a message pops up asking him to pay the ransom and get the data back.
The frequent and successful ransomware that kept the cyberworld on its toes, and every time it returns it was stronger than before.
Locky finds its victim through spam campaigns, which nobody considered, and it was the easiest and the cheapest way to deliver malware. It urged the user to download an important document and enable macros. This resulted in losing the content of their computer and then the demand for ransom is made in exchange for the decryption key.
It may sound foolish, but one will be surprised how many users tend to fall for this phishing scam end up opening the malicious attachment and zip files.
Jaff ransomware is very similar to Locky. It is simple, but extremely successful. The only difference is that it demands a much higher fee for releasing encrypted files. The amount ranges to almost $4000 or equivalent to 1.79 Bitcoins.