Articles about Ransomware

Ransomware is one of the major threats computer users now face, even though recent reports suggest that many people don't actually know what it is.

Delivered via spam or phishing emails that trick users into clicking on malicious links, ransomware renders computer systems, devices or files inaccessible and holds the victim hostage until payment is made, usually in the form of bitcoins.

Continue reading →

If you need another reason to pay attention to online security, new measures under consideration by banks could sharpen your focus. At the moment, banks in the UK frequently shoulder the cost of online fraud when customers fall victim. But all this could be set to change.

The plans being looked at by banks, GCHQ and the UK government could see people who haven’t taken care of their own online security being excluded from receiving compensation if their account is hacked.

Continue reading →

A new report shows that 43 percent of consumers in the US and Canada don't know what ransomware is. A similar number (44 percent) say they don’t know what data or information could be stolen in a ransomware attack.

The study by Kaspersky Lab surveyed 4,000 US and 1,000 Canadian consumers aged over 16 and found that only 16 percent mentioned ransomware as a cyber threat they were worried about, compared to their concerns about viruses, spyware and Trojans.

Continue reading →

Ransomware is not exactly a new problem, but it's one that seems to be getting increasingly serious. Every week there's a new high profile attack out there including the likes of CryptXXX and PETYA. One of the biggest names, TeslaCrypt, has suddenly thrown in the towel and offered up a free decryption key for its victims.

The surprise move comes just a couple of months after version 4 of TeslaCrypt gained what was described as "unbreakable encryption". The closure is somewhat bittersweet. The shutdown comes as attackers switch to using CryptXXX instead, but perhaps the most surprising aspect is the fact that the site formerly used to accept Bitcoin ransom payments is now where you'll find the decryption key needed to gain access to your files.

Continue reading →

If your files have been scrambled by malware then a decrypter may be able to save the day -- but you’ll need to find it, first. Emsisoft has announced its own Decrypter page, a single source where you’re able to browse and download any of the company’s 14 free decrypters.

The page provides clues to help you find out exactly which type of ransomware might have infected your PC.

Continue reading →

Ransomware is something like the digital version of Kanye West -- everyone hates it, but its popularity just keeps on growing. And it takes your money for things you really don’t want to buy.

The news about the rising popularity of ransomware was confirmed by security firm Kaspersky Lab, which released its quarterly report into the state of malware.

Continue reading →

If it feels as though you've heard an awful lot about ransomware recently, that's because you have. It's a problem that just seems to be getting worse, and ESG -- the security outfit behind anti-malware program SpyHunter -- has released figures that shows April was the worst month ever recorded for ransomware in the US.

The rate of infection rocketed last month, with the numbers more than doubling when compared to March. While there have been a few high-profile cases of large businesses getting hit with ransomware, increasing numbers of ordinary people are also falling victim.

Continue reading →

As we've seen in recent reports, ransomware is an increasingly big problem. But how much do people know about it and methods to protect themselves?

Security researchers at ESET surveyed over 3,000 people across the US and Canada to gauge their understanding of ransomware and unearthed some interesting findings.

Continue reading →

Security firm Kaspersky has released a tool that can be used to decrypt files on computers hit by the CryptXXX ransomware. Rather than paying the ransom demanded to regain access to files, victims are now able to turn to the free RannohDecryptor utility.

CryptXXX had been identified by ProofPoint earlier in the month and described as being closely linked to the Reveton ransomware operation and Angler/Bedep. The ransom of $500 is considered to be quite high, but Kaspersky's free decryption tool means that files can be retrieved without having to part with a cent.

Continue reading →

There is no denying that ransomware attacks are a very real threat for businesses. Given the ever-growing value of data and the importance of business continuity, organizations that have fallen victim to such attacks either face a period of downtime or they pay out in order to retrieve their data to resume business as normal.

Headline-grabbing examples, such those affecting the Hollywood Presbyterian Medical Center, or Lincolnshire County Council, are no doubt only the tip of the iceberg. How many others are giving in to ransomware demands without revealing they ever had a problem in the first place?

Continue reading →

The PETYA ransomware is just one of the recent examples of malware that encrypts victims' hard drives until a fee is paid. The advice from the government is not to pay the ransom -- or at least not expect to get a decryption key if you do -- but a password generator has been created that means you can decrypt your hard drive for free.

While TeslaCrypt 4 boasts 'unbreakable encryption', the same cannot be said of PETYA, although the PETYA ransomware does have the irritating habit of overwriting MBRs. This does mean that there is no way to interact with the drive on the infected computer, but with access to a spare machine to read the drive and access to the online tool created by Leostone, you could have your data back in seconds. As the tool's website proudly proclaims, you can "Get your petya encrypted disk back, WITHOUT paying ransom!!!" -- here's what you need to do.

Continue reading →

Ransomware is one of the most prevalent security threats at the moment, and each week there are new examples that up the ante a little more. In recent months we have seen cross-platform ransomware, Tesla 4's unbreakable encryption, and the MBR-overwriting antics of PETYA, but a new phishing scam takes another approach.

In a cleverly orchestrated campaign, a phishing scam is doing the rounds whereby malware meets social engineering in a bid to extract cash from victims. It marries together the file-encrypting Maktub ransomware with a thinly-veiled threat -- home addresses. Quoting victims' home addresses to them serves two purposes: it adds a level of authenticity to the phishing email, but also acts as additional leverage by upping the fear level.

Continue reading →

Malware is far from being a new problem, but the inexorable rise of ransomware has taken many by surprise. There have been a number of very high profile instances of ransomware such as PETYA, and the threat is perceived as being so high that the US and Canada have taken the unusual step of issuing a joint security alert.

The likes of TeslaCrypt 4 feature 'unbreakable encryption' and use scare-tactics to encourage victims to part with their money. This is what has prompted the joint alert from the US Department of Homeland Security and the Canadian Cyber Incident Response Centre which warns about "destructive ransomware variants such as Locky and Samas". Interestingly, the advisory actively discourages victims from bowing to ransom demands.

Continue reading →

The FBI has began seeking the assistance of companies in the US to streamline its investigation on an increasing ransomware threat in the country.

The FBI is looking into a strain of ransomware called MSIL/Samas, which has been encrypting data across entire networks rather than single computers, Reuters reports. The ransomware infects machines before encrypting data and asking for money in return of the access.

Continue reading →

Ransomware has already caused businesses real trouble this year and recently, security firms have warned about a sudden surge in junk mail messages containing this kind of malware. It seems that organized criminals are now increasingly targeting businesses, which can offer them bigger returns than going after individuals.

The first wave of ransomware started in 2005 and was called Trojan.Gpcoder. Now the security industry (and many unfortunate users) are discovering new variants almost every day. For example, a strain called Locky, discovered only two weeks ago is now the second most prevalent form. Currently, it asks for three Bitcoins (about £885) as payment for the decryption key.

Continue reading →