3 Jun 2021

Ransomware, what you need to know...

The computer world has always been a fight between the good and the bad. While the good try to keep malware at bay, the bad are brewing something more evil than before. Imagine waking up one day, powering up your laptop, and being greeted by a big red or dark image demanding payment within 48 hours or else everything on your computer will be erased.

That's "Ransomware", making your computer turn against you. Criminals are taking money from innocent victims through Ransomware.

So, what is this Ransomware?
Ransomware is computer malware that installs covertly on a victim's computer, executes a cryptovirology attack that adversely affects it, and demands a ransom payment to decrypt the victim's data or to not publish it.
Ransomware stops you from using your PC. It holds your PC or files for "ransom". Ransomware is sophisticated malware that infects your computer, encrypts files and denies the victim access to their files. Some popular families of ransomware include Cryptolocker, Cryptowall, TeslaCrypt, Reveton, CTB-Locker, TorrentLocker, Locky, etc.

Most common methods used by criminals to spread Ransomware

  • Security exploits in vulnerable software or applications.
  • Spam emails that contain malicious links or attachments.
  • Internet traffic redirects to malicious websites.
  • Botnets.
  • Activating macros in malicious documents.
  • Legitimate websites that have malicious code injected in their web pages.
  • Drive-by downloads.
  • SMS messages (which apply to Ransomware that targets mobile devices).

Ransomware initially targeted PCs but has evolved to target mobile phones, mostly those running Google's Android operating system and iOS. Mobile ransomware works much the same as on PCs, locking down a device entirely, with only a message being displayed that demands a sum of money to be paid within a certain period of time or the phone will be wiped clean. Most mobile phones automatically back up data like photos, contacts, notes and messages to cloud services, therefore the damage caused by ransomware will be less significant than on PCs.

To stay safe from ransomware

  • Don’t store important data only on your PC; have 2 backups of your data: one on an external hard drive and one in the cloud, like on Dropbox/Google Drive/etc. The external drive should always be completely disconnected from the main PC or network.
  • Make sure the Dropbox/Google Drive/OneDrive/etc. application on your computer is not turned on by default. Only open it once a day, to sync data, and close it once done.
  • Don’t use an administrator account on your computer for daily use. Use an account with limited privileges.
  • Install a reliable anti-virus product that automatically updates definitions and has real-time scanning.
  • Make sure the operating system and the software or applications on your PC are up to date, including the latest security updates.
  • Never click on links in Spam or suspicious emails and never download attachments from Spam or suspicious emails.
  • Always show hidden file extensions. This makes it easier to spot suspicious files. One way that Cryptolocker frequently infects a computer is through the opening of a file that is named with the extension “.pdf.exe”.
  • You should have macros turned off in the Microsoft Office suite (Word, Excel, PowerPoint, etc.) and in other applications of a similar nature.
  • Remove outdated plug-ins and add-ons from browsers. Only keep the ones that you use on a daily basis and keep them updated to the latest version.
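
The “.pdf.exe” check from the list above can be automated. The script below is an added example, not part of the original article: it walks a folder and flags files whose name ends in a document-style extension followed by an executable one. The extension lists, function names and sample filenames are assumptions constructed for illustration.

```python
import os
import re
import tempfile

# Assumed extension lists for this example; extend them for your environment.
DECOY_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "ppt", "pptx",
              "txt", "jpg", "png", "zip"}
EXEC_EXTS = {"exe", "scr", "com", "bat", "cmd", "pif", "js", "jse",
             "vbs", "vbe", "wsf", "hta", "lnk", "ps1"}


def is_double_extension(filename):
    """True when a document-style extension is followed by an executable one."""
    name = filename.strip().lower()
    # Collapse whitespace padding around dots ("scan.pdf   .exe"), which
    # pushes the real extension out of a narrow filename column.
    name = re.sub(r"\s*\.\s*", ".", name)
    parts = name.split(".")
    if len(parts) < 3:
        return False  # a single extension such as "setup.exe" is not flagged
    return parts[-1] in EXEC_EXTS and parts[-2] in DECOY_EXTS


def scan(root):
    """Walk root and return the sorted paths of files with a double extension."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for f in files:
            if is_double_extension(f):
                hits.append(os.path.join(dirpath, f))
    return sorted(hits)


def demo():
    """Create a constructed sample tree of empty files and scan it."""
    names = ["invoice.pdf.exe", "Report.DOCX.scr", "photo.jpg",
             "setup.exe", "notes.v2.txt", "scan.pdf   .exe"]
    with tempfile.TemporaryDirectory() as root:
        for n in names:
            open(os.path.join(root, n), "w").close()
        return [os.path.basename(p) for p in scan(root)]


if __name__ == "__main__":
    for hit in demo():
        print("suspicious:", hit)
```

To check a real folder such as a downloads or mail-attachment directory, call `scan()` with its path instead of running `demo()`.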

Ransomware is without doubt one of the biggest threats facing computer users. The key advice here is: DO NOT PAY UP. The bad guys behind these schemes will keep on attacking as long as there is money to be made. Plus, there’s no guarantee you’ll get your data back.

Stay safe and don’t forget the best protection is always a backup!
