Skip to main content

MORE ABOUT RANSOMWARES. PART 1

Not long ago, a man committed suicide after an automatically generated notice from a computer virus threatened him with jail unless he paid a ransom thousands of dollars. The year was 2014. As incredible as the story seems, it marked the first known time a computer virus actually killed somebody. The next generations stole cash from users around the globe, and Cryptolocker raised the stakes – holding data of hundreds of thousands of users hostage. Despite successive short-lived take downs, the malware has made a comeback as CTB (Curve-Tor-Bitcoin) Locker.

This challenging breed of malware is continuously improving, reaching new levels of complexity as smartphones and tablets are increasingly used to store crucial personal and enterprise-level documents.

Bitdefender, the anti-malware solutions provider, zooms in on the subject to show how this type of virus works and to tell users how to prevent being locked out and extorted.

What is ransomware?

Ransomware is a type of malware that infects and locks a system until the user pays a fee to regain access to the data. Paired with server-side polymorphism and industry-grade delivery infrastructures, the malware can enter a system through a malicious downloaded file, a vulnerability in a network service or even a text message. Stay tuned to read an extensive article on how ransomware infects user's machines.

correction-24

Why is it different from traditional malware?

It doesnt steal victim's information, it encrypts itIt demands a ransom, usually in Bitcoins.It’s relatively easy to produce—there are a number of well-documented crypto-libraries

Types of ransomware

Device lockers

This type of ransomware locks the device screen and displays a full screen image that blocks access to the device. The message demands payment, yet personal files are not encrypted.

article-1a

File-encrypting ransomware

Some of the most notorious families of file-encryption ransomware include Cryptowall, Critroni and TorLocker.

File-encryptors like Cryptolocker encrypt personal files and folders such as documents, spreadsheets, pictures and videos. After infiltrating the machine, the malware contacts the command-and-control center to generate an encryption key to cypher each of the computer files using complex encryption algorithms. This will make the computer’s data unusable.

The malware then displays a message, often claiming to be from law enforcement agencies, to scare victims with threats of punishment and imprisonment unless they decrypt the data by paying (either through Bitcoin or a pre-paid cash voucher) before the stated deadline. Cyber criminals employ users’ computer IP information to show victims a localized version of the screen-blocking message. The same message sometimes threatens to delete the private key if the deadline is not met.

article-1b

Some cyber-criminal groups are taking the business to a whole new level by anonymizing communication via TOR. TorLocker is a commercial ransomware toolkit sold on underground forums as an affiliate program. Renewable built-in keys allow TorLocker to encrypt files even if the victim's PC is not online, while Tor-based communication makes it nearly impossible to shut down the operation.


Things are getting worse, and we âre seeing more of these infections,says Bogdan Botezatu, Senior E-threat Analyst at Bitdefender. Once you fall victim to ransomware, there is absolutely no way to get your data back without paying. But, if you pay, you are only encouraging this business and funding their research and development. Sometimes, the criminals will take the payment and not release your data, leaving you without your money or your information.

Labels:

Comments

Post a Comment

Popular posts from this blog

SNIFF GSM USING HACKRFX

​TOOLS  USED: •  ha ckrf_kali • brategnuradio-companion • gr-gsmgqrx • wireshark INSTALL REQUIREMENTS: First thing, you want to make sure you have all the required software installed, you can install most of them and their dependencies using your distribution package manager. Let’s start with the libraries and tools for the hackrf itself, on a Debian/Ubuntu distro you’ll install them like so: sudo  apt-get install  hackrf   libhackrf -dev libhackrf0 Once these libraries are installed, you can plug your hackrf into one of your USB ports and execute the  hackrf_info  command, at this point you should see something like the following: # hackrf_info Found  HackRF  board. Board ID Number: 2 ( HackRF  One) Firmware Version: 2014.08.1 Part ID Number: 0x00574746 0x00574746 Serial Number: 0x00000000 0x00000000 0x14d463dc 0x2f4339e1 You will now install  gnuradio  which is the software we’ll use to decode the RF signals,  gqrx  a tool to visualize signal power on certain frequencies
Post a Comment
Read more

TERMINAL ON ANDROID- TERMUX

Let Termux be our topic today. It is an Android application which is a Terminal Emulator distributed by Fredrik Fornwall. It creates exactly the same working environment of Linux Terminal on Android. Take a try. It can be installed from Google Play Store. Navigate from here . After the environment is set, go to App settings from the System Settings and give the App Storage permission.  Basic linux command like cd, ls, pwd, cat, touch and many more or almost all can be made here on this prompt. To install packages like Python or Pip type in packages install <packageName> It's that simple.  Similarly, to execute a program or a package, type <packageName> then, the corresponding help will be appear. Rest is with you. This is how an installation screen appears to be.. Now, about storage. As the initial step, type in termux-setup-storage Typing pwd gives the current working directory and it will be something like /data/data/com.termux/files/
Post a Comment
Read more