How Ransomware Spreads and Works

If you haven’t come across malware called “ransomware,” consider yourself lucky. Ransomware is a new type of malware that encrypts your files and holds them hostage until you pay a fee. The fee isn’t insignificant for most people either: it ranges from $300 to $1000.

US law officials recently arrested several people behind a type of hijacking software called Gameover. This software allowed hackers to take control of a computer and manipulate files. Gameover was used to upload ransomware named CryptoLocker. When Gameover went bust, it took CryptoLocker with it, but hackers have created new software to take over where CryptoLocker left off.

How Ransomware Spreads

The method of infection varies for most viruses, but ransomware is typically packaged with installation files masquerading as official software updates. They are advertised as updates for Adobe Acrobat, Java and Flash Player. If you’ve opened underground websites such as torrent sites, you’ve probably come across some of the ads used to distribute malware. Typically, a popup opens telling you that you need to update Adobe Acrobat.

How Ransomware Works

After infecting your computer, the malware finds files with JPG, XLS, PNG, DOC and PPT file extensions. These files are usually important images and documentation, so there is a good chance the hacker will encrypt a file that you need.

After encryption, the malware tells you that your data is being held for ransom and gives you a site to access. You typically need to access this site using a browser named Tor. You also need to buy bitcoins to pay the hacker. Reports have shown that many people pay the ransom, because the files are just too important to give up, and there is currently no guaranteed method to decrypt files.
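An added example, not part of the original article: encryption replaces a file's contents, so a file with one of the extensions listed above that no longer starts with its format's signature bytes is a sign of damage, and a check like this can be run before a backup job overwrites good copies. It assumes DOC, XLS and PPT are the legacy OLE2 formats and that the start of the file was overwritten; the function names and sample files are constructed for illustration.

```python
import tempfile
from pathlib import Path

# Expected leading bytes; DOC, XLS and PPT are assumed to be legacy OLE2 files.
OLE2 = bytes.fromhex("d0cf11e0a1b11ae1")
SIGNATURES = {".jpg": b"\xff\xd8\xff", ".png": b"\x89PNG\r\n\x1a\n",
              ".doc": OLE2, ".xls": OLE2, ".ppt": OLE2}


def header_matches(path):
    """True/False for a watched extension, None for any other file."""
    expected = SIGNATURES.get(Path(path).suffix.lower())
    if expected is None:
        return None
    with open(path, "rb") as fh:
        return fh.read(len(expected)) == expected


def scan(root):
    """Return sorted paths under root whose header no longer fits the extension."""
    flagged = []
    for path in Path(root).rglob("*"):
        try:
            if path.is_file() and header_matches(path) is False:
                flagged.append(str(path))
        except OSError:
            continue  # unreadable file: skip it rather than abort the scan
    return sorted(flagged)


def demo():
    """Build a constructed sample tree and return the names scan() flags."""
    samples = {
        "photo.jpg": b"\xff\xd8\xff\xe0" + bytes(32),   # intact JPEG header
        "chart.png": b"\x89PNG\r\n\x1a\n" + bytes(32),  # intact PNG header
        "budget.xls": OLE2 + bytes(32),                 # intact OLE2 header
        "report.doc": bytes(range(7, 47)),              # header overwritten
        "notes.txt": b"extension not in the watch list",
    }
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            Path(root, name).write_bytes(data)
        return [Path(p).name for p in scan(root)]


if __name__ == "__main__":
    print(demo())
```

A mismatch is a heuristic, not proof: a renamed or truncated file is flagged as well, and a file whose header was left intact is not.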

How to Protect Your Computer from Ransomware

Several antivirus companies have come up with ways to remove the virus, but that doesn’t decrypt the files. Unfortunately, you don’t have many options unless you have backups of your data, but you can protect your computer with some common sense.

First, don’t ever download from a site that tells you software on your computer is outdated. Websites aren’t able to detect outdated software unless you give the website permission to read your hard drive. If you think your software needs an update, go to the official product developer’s site and download it directly from there.

Next, always keep the latest antivirus definitions installed on your computer to defend against all types of malware. The one main issue with ransomware is that once you get infected, there is nothing you can do to reverse the damage. It’s better to be proactive with antivirus updates than wait until you’ve already become a victim.

Finally, always keep backups of your files. Hackers know that most people don’t keep backups. Even some businesses fail to keep regular backups, and it’s a big mistake that usually leads to some kind of data loss. Always keep regular backups in a safe place. Note that you can’t keep them on your local hard drive, because these backups might also get encrypted. One safe place is the cloud, such as Google Drive or Microsoft’s SkyDrive.

Viruses are becoming stronger and more resilient to common defenses. The best defense is to use common sense and avoid downloading executable files unless you absolutely need to. Keep your antivirus software updated and never install software if you’re unsure of its security.
