Ransomware – What is Ransomware and How Does it Work?
Ransomware is a type of malware that encrypts files and demands money for them to be decrypted. Typically, a victim is contacted via email or pop-up message and given instructions to pay a certain amount of money in digital currency (Bitcoins or a similar cryptocurrency) in exchange for a decryption key.
Attackers often use phishing emails to distribute ransomware to users. Ransomware also spreads through drive-by downloads, in which a user visits an infected website and the malware is downloaded automatically.
Some ransomware targets individuals, while other strains target small and medium-sized businesses (SMBs) or public institutions. These organizations are particularly vulnerable to ransomware because they have spotty cybersecurity and irreplaceable data, and they can be crippled if their computers become infected.
Double Extortion
Another common strategy is to combine file encryption with data theft. The attackers encrypt sensitive files and steal the victims’ data, and then they threaten to publish it online unless the ransom is paid.
Several families of ransomware were developed during this time, including Reveton, a form of law enforcement ransomware that locks victims out of their computers and then demands that a fine be paid through money payment services such as PaySafeCard or UKash.
In 2020, a new family of ransomware named Egregor appeared on the scene. It combines file encryption with data theft, much like Maze did, and uses a “double extortion” strategy, threatening to release victims’ files and data online unless they pay the ransom.