RansomWare Virus or Way To Make Money
RansomWare is type of virus which take your all data and your official files and corrupt it by encryption techniques.
RansomWare take your files from your system and convert it into unreadable forms. So, you will not know about your file data and what type of information it contain.
Corrupting of files not send your files information to other but locked your files data. Everything happened just because of earn some amount of money from you.
You give them money and they will give you to way how to access your files data but the time when your file is corrupting RansomWare will give you some specific time period to get your files back but if once that time period is over. Even loose access from your files.
Where RansomWare Work To Make Money
RansomWare work in huge IT sectors and Big Business companies and organizations to encrypt there files and ask money to decrypt data files.
RansomWare Implementation Techniques
There are two techniques used by Ransom ware to encrypt your files
-Cryptolocker
-TOR C&C Communications ( CTB Locker )
How Ransomware Sends To Systems
Troj-Cryptrbit.h affects:
Troj-Cryptrbit.h attack the system backup files and delete system backups.
Small file dowloaded:
When you download file from Internet you get some small files. its not harmful sometimes but sometimes that small file contain Z BOT VARIANT file which is not affect system but Z BOT VARIANT helps to download Cryptolocker Malware and Cryptolocker help to Ransomware to encrypt your system data.
Spam Email:
Sometimes you get email form unknown email id that doesn't mean, email contain only information but it might contains some high level viruses. which exploit your system and make it like trash.
Dropped by Other Malware
Malware are the type of program which are specially made to destroy your some specific pc and systems or networks also. Malware help to send
ransomware to other system. Ransomware is also called Scareware.
Fakeav Malware is a example, which destroy your important system by attack in MBR(Master Boot Records) it cause your system boot misbehave.
First time Ransomware came in market in 2005 only in Russia. After that it move out from Russia to the other countries.
New Ramsonware see in market after 2010, by the name of Reveton. Reveton is also called as police Ransomware or police Trojan.
Reveton used in United State by FBI and In France by Gendarmerie National.
To access detail from Ukash, Paysafe card and Money Pak.
Ransomware have two types Encryption:
AES (Symmetric Key)
Same key use for Encrypt and Decrypt data.
RSA (Asymmetric Key)
Two key use to Encrypt and Decrypt data. key which encrypt data is public visible to everyone but the second key which send with encrypt file to decrypt data. second key will not be see by anyone.
How they ask to user to send money
Attacker ask to purchase bit coins(site especially made for getting money to user and provide them bit coins according to money) and deposit those bit coins in some other accounts. To get these account information from where are you sending is not possible because bit coin is illegal site. No one know in bit coins who is getting your money and where, it is going.
Comments
Post a Comment