What is it?
Ransomware is one of the types of dangerous malicious software that uses cryptology. It can be destructive because it threatens to publish the data of the victim, or completely block access to it unless the victim pays a set ransom.
What does it do?
Some of the simple ransomware families lock the system, which for a knowledgeable person is not that hard to reverse. On the other hand, more advanced malware uses the crypto extortion technique, where the malware encrypts the files and makes them inaccessible while demanding a ransom payment for their retrieval. In a complete and proper crypto extortion attack, recovering the files without a key is impossible. In addition, it is difficult to trace digital currencies like Ukash, Bitcoin. Cryptocurrencies like these are most often used for the ransoms. Therefore, tracing and prosecuting the perpetrators behind the cybercrime is extremely difficult.
How does it operate?
Trojans usually carry out the ransomware attacks, disguised as legitimate files the user downloads or opens. They often come as email attachments. However, one example of this malicious software, known as the WannaCry worm, traveled automatically from one computer to another without any user interaction.
When did it start?
The first ransomware attack recorded took place in 1989. However, starting from around 2012, their volumes have grown around the globe. In total, there have been around 181.5 million ransomware attacks in the first six months of 2018 alone, which is staggering. This is a 229% increase over the same period of the previous year, 2017. In June of 2013, McAfee released information that they had collected more than double the number of ransomware samples that quarter alone than they had in the same quarter in 2012.
Which viruses are the most dangerous?
There are and have been many ransomware types out there. CryptoLocker was a very successful example. Its authors managed to accumulate around the US $3 million before the authorities busted them. In addition, CryptoWall is thought to have gained the US $18 million by June of 2015, according to US Federal Bureau of Investigation (FBI).
Now, arguably the worst one is the Gandcrab virus. Gandcrab 5.2 is the latest version of this nefarious malware. It encrypts files after which the criminals behind it try to extort money to recover them back to normal so that your computer goes back to its original operations. You can decrypt files locked by older versions of Gandcrab virus yourself, and there are threads online on how to do it. However, it is difficult and there is no guarantee you will get everything back. Gandcrab 5.2 is not decyptable for now.