You’ve probably heard of Ransomware, the malware that locks up your system and threatens you in order to extort money. It is a threat that exists on desktop and mobile devices, and is almost always insidious, difficult to remove, and, in many cases, expensive.

We’ve previously explained how to deal with several ransomware threats should you find them on your computer, but just how great is this threat? Several prominent ransomware scams are in circulation at the moment. Let’s go over three of the most devastating, so you can recognise them.

Understanding Ransomware

Before we proceed, a quick catchup, just in case you’re reading this article completely unaware of what ransomware actually is.

When infected with a ransomware bug, a computer’s files – typically the My Documents folder and libraries – are locked, often encrypted. The creators/distributors of the malware then display a message to the user, informing them of the price that must be paid to regain access.

That’s right: you have to pay to get access to your own files. Think of it as a digital version of the old “protection racket” monies for menaces model.

Data isn’t only locked, however; in some cases, the user is accused of being a paedophile, using illegal images and a message purporting to be from a known law enforcement agency. In 2013, McAfee revealed it had collected in excess of 250,000 ransomware samples, each unique, in the first quarter of that year alone.

A growing threat across all platforms, the 3 examples below should help explain just why you need to be wary of ransomware.

CryptoLocker

Targeting Windows, CryptoLocker quickly became the daddy of the ransomware scene in 2013, spread by email and possibly through the ZeuS botnet.

After installing itself on your computer, CryptoLocker encrypts documents found on your computer, on network drives and on removable storage, tying them up with 2048-bit RSA. Retrieving your data means paying USD $380 in Bitcoin or $300 in either MoneyPak or Ukash prepaid cards.

Following a security services operation, it became possible for some users to get their files back. Obviously this is good news, but it does highlight just how devastating ransomware can be. It took the discovery of the command and control server behind the ransomware encryption to stop (the original) CryptoLocker in its tracks, but even that wasn’t enough to free user data. Instead, we’ve had to wait for it to be reverse engineered, and a decryption tool developed.

TorrentLocker

With a similar name to CryptoLocker, TorrentLocker locks up your files and demands a fee of $500 AUD (doubling to $1000 AUD if you’re slow to cough up the readies) to be paid in Bitcoin. Various clues about the currency and the exchanges the ransomware advises you to use suggest that it is aimed at Australian users (and may even hail from there).

Where it differs from CryptoLocker is that although it shares a similar appearance, TorrentLocker is in fact a unique strain of ransom-based malware.

You should also avoid being taken in by the name. Although it suggests a relationship to the Bittorrent network (perhaps, you might think, it is perpetuated through file sharing) many instances of TorrentLocker have been received by email.

Unless the command and control servers behind TorrentLocker are found and taken out of action, paying the ransom to download the software to decrypt your data is the only way out. We’ve already looked at TorrentLocker in some detail; if what I’ve just told you isn’t enough to concern you, the full story should.

FBI Ransomware/Police Central

Perhaps the ransomware scam that most people are aware of, this is the one that – once your system is infected – displays a message that claims to be from the FBI or your local police department, accusing you of storing or downloading copyrighted material or illegal pornography on your Windows PC or even your Apple Mac running OS X (although it is relatively simple to avoid being taken in by this).

In fact, if you’re not fussy about where you install your Android apps (for instance, you might use third party app stores) then there is a chance that you can get the same ransomware on your phone or tablet.

Using a localised approach, the scammers were able to tailor their ransomware to individual countries; for instance in the UK, it claimed to be from the Metropolitan Police Service (London’s police force) and the royalties collection society PRS for Music.

Despite the coincidental fact that this flavour of ransomware – known generally as Reveton – had the effect of forcing a paedophile to hand himself in, this is an intimidating piece of malware. Despite the interception and arrest of the gang behind Reveton, the threat persists in the form of variants, some of which are also designed to steal your password.

Protect Yourself From Ransomware

Understanding the nature of the beast is the best way to protect yourself from ransomware. After infection is too late; you need to be able to defend against the attack before it comes, not when your data is locked. You can do this by ensuring that you’re using the most up-to-date Internet security suite, capable of defending against all forms of malware. You should also take a look at the preventative measures outlined in our original look at CryptoLocker. While the original form of this ransomware has been all but dispersed, it has been replaced by variants, so you need to remain vigilant.

Should you be reading this after a ransomware infection, the best solution open to you is to follow the advice given by MakeUseOf’s Guy McDowell in his excellent guide to beating ransomware without paying out.

Are you a ransomware victim? Did you pay out, or did you bite the bullet and allow your data to be deleted (perhaps you had good backups)?

Tell us your story: the comment box awaits!

Featured Image Credit: Girl frustrated with laptop via Shutterstock

Image Credit: Ransomware via Shutterstock, Image Credit: Pierre Lecourt
