BotNet News

Your source for Online Security News

Ransomware

Ransomware is malware that encrypts a victim’s data, adding an extension to files, and then displays a message telling the victims their data is inaccessible until they pay a fee to the attackers, typically in Bitcoin. In some cases, the attackers do not decrypt the data after the payment is made.

Although the number of attacks has exploded in recent years, ransomware has been around for years. The first variant appeared in 1989 as AIDS, or PC Cyborg Trojan, which counted the number of times the victim booted their machine and then encrypted their data with a key known only by the attackers.

The most common type of ransomware today encrypts files and demands the victim pay a ransom, often in Bitcoin, to retrieve the file. Criminals may also threaten to publicize sensitive data on a victim’s hard drive, called doxware or leakware, as another tactic to make the victim pay.

In addition to encrypting data, ransomware often uses other malicious tools to spread itself throughout the network, evade detection and sabotage cybersecurity systems. This is why it is so important to practice good cybersecurity habits, such as limiting access to external storage devices and ensuring systems are updated regularly with the latest patches and updates.

A fast response to ransomware is critical to minimizing damage. This includes identifying the source of the infection and immediately isolating the device (physically and electronically) from other networks, including Wi-Fi, by shutting down and unplugging the device from power sources.