What is Ransomware?

Ransomware is a type of malicious software (malware) that attempts to extort money from victims by restricting access to a computer system or files. The most prevalent form of this profit-motivated malware is crypto-ransomware, which encrypts files into encoded messages that can only be decrypted (decoded) with a key held by the malicious actor.

How does Ransomware work?

Ransomware infections occur when a user opens a malicious email attachment, clicks on a malicious link, or visits a website infected with malicious code (a drive-by download). Once a system is infected, the ransomware contacts a command and control (C2) server to generate an encryption key and begins encrypting files on the victim’s machine.

The ransomware runs quietly in the background, performing in-depth searches of all disk folders, including removable drives and network shares, and encrypts as many files as it can. Ransomware may also delete Shadow Volume Copies, destroy restore points, and overwrite free disk space to prevent victims from recovering their files and systems without paying the ransom. If a system is powered off while files are being encrypted, some ransomware variants resume where they left off when the system or device is powered on again.

After files are encrypted, a ransom note is displayed on the screen with instructions on how and where to pay the ransom and the length of time before the hacker or software destroys the decryption key. Some recent variants offer victims a ‘second chance’ to pay after the initial timer expires; however, the ‘second chance’ is often at least double the original ransom amount.

If the victim pays the ransom, the malware is supposed to contact the C2 server for the decryption key and begin decrypting the victim’s files; however, in many cases, the files are never decrypted. Some ransomware files can delete themselves in order to avoid detection and analysis by security researchers or law enforcement.
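The recovery-inhibiting step described above (deleting Shadow Volume Copies and disabling restore features) is one of the more reliable places to detect an infection. The following Python is an added example, not code from the original article: it scans process-creation events for such commands and raises severity when two different kinds fire on one host in a short window. The JSON event format, field names, command patterns, and five-minute window are assumptions of this example.

```python
import json
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed patterns (this example's choice, not from the article) for commands
# that delete shadow copies or disable recovery features.
RULES = [
    ("shadow-copy-delete", r"\bvssadmin(\.exe)?\b.*\bdelete\s+shadows\b"),
    ("shadow-copy-delete", r"\bwmic(\.exe)?\b.*\bshadowcopy\b.*\bdelete\b"),
    ("backup-catalog-delete", r"\bwbadmin(\.exe)?\b.*\bdelete\s+catalog\b"),
    ("recovery-disabled", r"\bbcdedit(\.exe)?\b.*\brecoveryenabled\s+no\b"),
]
COMPILED = [(name, re.compile(rx, re.I)) for name, rx in RULES]
WINDOW = timedelta(minutes=5)  # assumed correlation window

# Constructed process-creation events (JSON lines); hosts and users are made up.
SAMPLE = [
    '{"ts": "2024-01-10T09:00:00", "host": "ws-01", "user": "alice", "cmd": "vssadmin list shadows"}',
    '{"ts": "2024-01-10T09:14:02", "host": "ws-02", "user": "bob", "cmd": "cmd.exe /c vssadmin.exe Delete Shadows /All /Quiet"}',
    '{"ts": "2024-01-10T09:14:05", "host": "ws-02", "user": "bob", "cmd": "bcdedit /set {default} recoveryenabled No"}',
    '{"ts": "2024-01-10T11:30:00", "host": "srv-03", "user": "backupsvc", "cmd": "wbadmin delete catalog -quiet"}',
]

def match_rules(cmdline):
    """Return the sorted rule names whose pattern matches this command line."""
    return sorted({name for name, rx in COMPILED if rx.search(cmdline)})

def detect(lines):
    """One alert per host; 'high' if two distinct rule types fire within WINDOW."""
    hits = defaultdict(list)  # host -> [(timestamp, rule name)]
    for line in lines:
        ev = json.loads(line)
        for rule in match_rules(ev["cmd"]):
            hits[ev["host"]].append((datetime.fromisoformat(ev["ts"]), rule))
    alerts = []
    for host in sorted(hits):
        items = sorted(hits[host])
        high = any(
            len({r for t, r in items[i:] if t - t0 <= WINDOW}) >= 2
            for i, (t0, _) in enumerate(items)
        )
        alerts.append({"host": host, "severity": "high" if high else "medium",
                       "rules": sorted({r for _, r in items}),
                       "first_seen": items[0][0].isoformat()})
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE):
        print(alert)
```

A single match can be legitimate administration (for example, a backup job pruning its catalog), which is why one rule alone is rated medium and only correlated activity is rated high.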

If you have been or are currently a victim of ransomware, call the experts at XS Applied Technologies today at 732-807-4449. Let us help you save your files and enact a plan to prevent this from happening again.

2 thoughts on “What is Ransomware?”

  1. Hmm, it looks like your blog ate my first comment (it was extremely long), so I guess I’ll just sum up what I submitted and say, I’m thoroughly enjoying your blog. I too am an aspiring blog writer, but I’m still new to everything. Do you have any tips and hints for beginner blog writers? I’d certainly appreciate it.

    1. I’m not really a blog writer – not a professional one anyway. But I think if you enjoy your subject matter and take pride in your work, anyone can be a decent blogger. I appreciate your feedback. And my one tip would be to stick to the point, restate your topic and focal topic frequently as you make your point and support it. And before you post, read it again and ask yourself if you’ve expressed the message clearly; then ask yourself if you’d still be reading it [if you hadn’t written the article]. Does it inform? Does it entertain? If it does those two things, put it out there. Cheers!
