What is Ransomware?

What is Ransomware

This is the installation of malicious software on a computer whereby it will be used to do what is called a cryptovirology attack which can affect the computer. This software will lock the system and lock the user out.

It is called Ransomware because whoever will use it to attack your computer will demand a form of payment to unlock it for you because they will be the only one with a key. This will be akin to holding something your computer hostage until you can pay them ransom (money) to get it unlocked.

How the Attack Happens

By locking your system, the malware can be used to extort money from you. Other ways will include:

  1. Locking the entire hard drive in your computer or targeting the Master File Table without which you are essentially locked out
  2. Encrypting the hard drives and demanding ransom in exchange for the decryption key.
  3. When you visit websites that have been compromised by these people, you may fall into this trap because of all the pop-up ads which will be hard to keep track of or ignore.

How to Pay

There are many ways to pay for the unlocking of your computer, and these can include the use of bit-coins mostly. You may also be asked to send money via Amazon gift cards or use iTunes. These methods of payment are usually untraceable, and you cannot reverse the transaction once it is done. However, there is a note for you:

Paying does not necessarily guarantee that your account or computer files will be unlocked.”

What You Will Expect To See

When this malicious software has been introduced into your computer, one of these two things will happen.

  • One type will deny you access to the most useful data that will include the documents that you consider very valuable. These include the spreadsheets and word documents.
  • The other one will act by locking the computer and all hard drives that you have.

There will be a notification on the screen telling you that you have been compromised and that the only way to un-stick you are to pay. The instructions are included there.

Where Did It Come From

It was first reported in Russia between the years 2005 and 2006. However, it was invented by Yung and Young of Columbia University.

The following is the protocol used for the extortion to take place.

  1. Phase One- The attacker will make a key and its clone. He will then insert the first in the malware before deploying it.
  2. Phase Two- Once the victim gets the message; they will be required to send the key embedded in the malware together with the money that is required.
  3. Phase Three- The attacker will receive the key sent from the computer and use it to generate the necessary decryption process from it. He will then send it back to you for unlocking.

Anti-Ransomware

Good news is that these problems can be solved without paying money. Although sometimes they may be difficult, there are anti-viruses that contain the anti-ransomware that is designed to detect and remove the ones which lock your screen.