Back

A small virus makes huge loss to our security.

Published On 28th May 2019

How are computers infected with ransomware ?

In this insecure world, ransomware is one of the malicious software to fraud us. Ransomware is a type of malicious software that infects a computer and restricts user’s access to it until a ransom is paid to unlock it. While some simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse, more advanced malware uses as a technique called cryptoviral extortion, in which it encrypts the victim’s files making them inaccessible, and demand a ransom payment to decrypt them.


Ransomware is often spread through phishing emails that contain malicious attachments or through drive-by downloading. Drive-by downloading occurs when a user unknowingly visits an infected website and then malware is downloaded and installed without the user’s knowledge.Crypto ransomware, a malware variant that encrypts files, is spread through similar methods and has also been spread through social media, such as Web-based instant messaging applications. Additionally, newer methods of ransomware infection have been observed. For example, vulnerable Web servers have been exploited as an entry point to gain access to an organization’s network.

Here 5 things protect you from the ransomware

1. Use antivirus software: Today’s advanced antivirus programs have expanded to cover various other types of malware such as ransomware, spyware, spam, and phishing attacks. They are now better turned to block ransomware, while a few even claim they can clean up the mess after the fact.
2. Avoid suspicious emails and links: Do not open suspicious email attachments and click on links, even if you know and trust the sender – most ransomware is distributed via phishing emails.
3. Backup your data: Make regular offline backups. Since some variants of ransomware can delete backup copies on your computer and network drives, save your files on an external drive or in the cloud. This will ensure you don’t lose any files if you are targeted by a ransomware attack.
4. Update your software: Keep your OS and all your software updated and patched.
5. Don’t use torrents: Beware of pirated content and software, which are usually distributed via P2P and torrent sites and can include malware.

What do I do if I believe my system has been infected by Ransomware?

Ransomware is very tricky, so it is best to have a copy of your clean backup. This is your best option on how to protect yourself against ransomware. Never ever pay the ransom because you don't have any guarantee that the criminals will give your data back, knowing that they have plenty of victims that need their data too. You are not assured that you will also be accommodated. It is better not to pay and rely on your backup to restore everything in place.
Signs your system may have been infected by Ransomware:
• Your web browser or desktop is locked with a message about how to pay to unlock your system and/or your file directories contain a "ransom note" file that is usually a .txt file
• All of your files have a new file extension appended to the filenames
Examples of Ransomware file extensions: .ecc, .ezz, .exx, .zzz, .xyz, .aaa, .abc, .ccc, .vvv, .xxx, .ttt, .micro, .encrypted, .locked, .crypto, _crypt, .cricinfo, .r5a, .XRNT, .XTBL, .crypt, .R16M01D05, .pzdc, .good, .LOL!, .OMG!, .RDM,


Author

Rakesh chandanala