BotNet News

Your source for Online Security News

Ransomware is malware that encrypts your files and displays a message requesting payment to unlock them. Attackers can spread ransomware through phishing emails, malicious websites or by using tools like exploit kits or exploit servers.

Ransomware has been around for decades, with the first attacks occurring in 1989. Joseph L. Popp, considered the “father of ransomware,” sent infected floppy disks to attendees of a World Health Organization AIDS conference, instructing them to mail $189 to a P.O. box in Panama.

Over time, ransomware has evolved from a white-collar crime perpetrated by opportunistic amateurs to a major threat for organized cybercriminal gangs. These gangs often advertise on the dark web for help and use sophisticated tools to steal credentials, find vulnerabilities and build malware that evades detection.

The malware varies by variant, but it typically displays an on-screen message asking for a ransom to be paid in order to unlock encrypted files. The amount of money demanded varies depending on the attackers, but it’s not unusual for victims to be asked for several thousand dollars or more in cryptocurrency.

As the Internet of Things becomes more widely used, hackers will have billions of new attack vectors, potentially holding your connected car or home hostage or even putting lives at risk. This is why it’s important to keep up-to-date on patches and update your operating systems regularly.

In the event of an attack, CISA’s Ransomware Response Checklist provides significant guidance on steps to take after an infection. These include isolating infected aspects of the system, powering down those components to prevent the spread of ransomware and contacting federal law enforcement to assist with available decryptions and investigations.