What is 'Ransomware'? How to Secure Your System from Ransomware
Hello guys,
Welcome to my blog.
In this post we'll discuss ransomware. Yes, the ransomware that is spreading at high speed to computer systems all over the world.
Let's start...
Ransomware is a type of malicious software from cryptovirology that threatens to publish the victim's data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion, in which it encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them.
The ransomware blocks your activity and records it on the attacker's own system.
In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem – and difficult to trace digital currencies such as Ukash and Bitcoin are used for the ransoms, making tracing and prosecuting the perpetrators difficult.
Rise Of Ransomware...
The concept of file-encrypting ransomware was invented and implemented by Young and Yung at Columbia University and was presented at the 1996 IEEE Security & Privacy conference. Starting from around 2012, the use of ransomware scams has grown internationally.
In June 2013, security software vendor McAfee released data showing that it had collected more than double the number of samples of ransomware that quarter than it had in the same quarter of the previous year. (Here I have summarized the history of ransomware in short.)
Preview of Ransomware: 2017
In 2017 the number of ransomware incidents increased. Ransomware is software that allows malicious parties to encrypt the data belonging to an individual or an organization. The attackers demand a ransom payment to decrypt the data. But the victim is still in danger, because there is no guarantee that all of the data will be decrypted.
The process of file encryption by ransomware is known as cryptoviral extortion. Cryptoviral extortion is a three-round protocol carried out between the attacker and the victim.
The three-round protocol is as follows:
1.- [attacker→victim] The attacker generates a key pair and places the corresponding public key in the malware. The malware is released.
2.- [victim→attacker] To carry out the cryptoviral extortion attack, the malware generates a random symmetric key and encrypts the victim's data with it. It uses the public key in the malware to encrypt the symmetric key. This is known as hybrid encryption and it results in a small asymmetric ciphertext as well as the symmetric ciphertext of the victim's data. It zeroizes the symmetric key and the original plaintext data to prevent recovery. It puts up a message to the user that includes the asymmetric ciphertext and how to pay the ransom. The victim sends the asymmetric ciphertext and e-money to the attacker.
3.- [attacker→victim] The attacker receives the payment, deciphers the asymmetric ciphertext with the attacker's private key, and sends the symmetric key to the victim. The victim deciphers the encrypted data with the needed symmetric key thereby completing the cryptovirology attack.
The symmetric key is randomly generated and will not assist other victims. At no point is the attacker's private key exposed to victims and the victim need only send a very small ciphertext (the encrypted symmetric-cipher key) to the attacker. Ransomware attacks are typically carried out using a Trojan, entering a system through, for example, a downloaded file or a vulnerability in a network service. The program then runs a payload, which locks the system in some fashion, or claims to lock the system but does not (e.g., a scareware program).
History of Ransomware...
1.-Encrypting ransomware
The first known malware extortion attack, the "AIDS Trojan" written by Joseph Popp in 1989, had a design failure so severe it was not necessary to pay the extortionist at all. Its payload hid the files on the hard drive and encrypted only their names, and displayed a message claiming that the user's license to use a certain piece of software had expired.
2.-Non-encrypting ransomware
In August 2010, Russian authorities arrested nine individuals connected to a ransomware Trojan known as WinLock. Unlike the previous Gpcode Trojan, WinLock did not use encryption. Instead, WinLock trivially restricted access to the system by displaying pornographic images, and asked users to send a premium-rate SMS (costing around US$10) to receive a code that could be used to unlock their machines.
3.- Leakware
It is also called 'doxware'. The converse of ransomware is a cryptovirology attack that threatens to publish stolen information from the victim's computer system rather than deny the victim access to it.
4.- Mobile ransomware
With the increased popularity of ransomware on PC platforms, ransomware targeting mobile operating systems has also proliferated. Typically, mobile ransomware payloads are blockers, as there is little incentive to encrypt data since it can be easily restored via online synchronization.
Examples of Ransomware...
1.-Reveton(2012)
2.-CryptoLocker(2013)
3.-CryptoLocker.F and TorrentLocker(2014)
4.-CryptoWall(2014)
5.-Fusob(2015-2016)
6.-Petya(2016)
7.-WannaCrypt(2017)
8.-Mitigation
Extensions of ransomware files: I found some extensions of ransomware files, which are listed below.
.ecc, .ezz, .exx, .zzz, .xyz, .aaa, .abc, .ccc, .vvv, .xxx, .ttt, .micro, .encrypted, .locked, .crypto, _crypt, .crinf, .r5a, .XRNT, .XTBL, .crypt, .R16M01D05, .pzdc, .good, .LOL!, .OMG!, .RDM, .RRK, .encryptedRSA, .crjoker, .EnCiPhErEd, .LeChiffre, .keybtc@inbox_com, .0x0, .bleep, .1999, .vault, .HA3, .toxcrypt, .magic, .SUPERCRYPT, .CTBL, .CTB2, .locky or 6-7 length extension consisting of random characters.
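A defender can turn the extension list above into a quick triage scan. The following is an added example, not code from the original post: it flags file names that carry one of the listed extensions or a 6-7 character random-looking extension. The `BENIGN_LONG` allowlist and the function names are assumptions made for this illustration.

```python
import os
import re
import sys

# Extensions from the list above, lower-cased for case-insensitive matching.
KNOWN_EXTENSIONS = {
    ".ecc", ".ezz", ".exx", ".zzz", ".xyz", ".aaa", ".abc", ".ccc", ".vvv",
    ".xxx", ".ttt", ".micro", ".encrypted", ".locked", ".crypto", ".crinf",
    ".r5a", ".xrnt", ".xtbl", ".crypt", ".r16m01d05", ".pzdc", ".good",
    ".lol!", ".omg!", ".rdm", ".rrk", ".encryptedrsa", ".crjoker",
    ".enciphered", ".lechiffre", ".keybtc@inbox_com", ".0x0", ".bleep",
    ".1999", ".vault", ".ha3", ".toxcrypt", ".magic", ".supercrypt",
    ".ctbl", ".ctb2", ".locky",
}
# "_crypt" appears in the list without a dot, so it is matched as a suffix.
KNOWN_SUFFIXES = ("_crypt",)
# Assumption: ordinary 6-7 character extensions that should not be flagged.
BENIGN_LONG = {".sqlite", ".config", ".backup", ".torrent", ".sqlite3"}
# The "6-7 length extension consisting of random characters" case.
RANDOM_EXT = re.compile(r"\.[a-z0-9]{6,7}")


def classify(filename):
    """Return 'known', 'random-like' or None for one file name."""
    name = filename.lower()
    ext = os.path.splitext(name)[1]
    if ext in KNOWN_EXTENSIONS or name.endswith(KNOWN_SUFFIXES):
        return "known"
    if RANDOM_EXT.fullmatch(ext) and ext not in BENIGN_LONG:
        return "random-like"
    return None


def scan_tree(root):
    """Walk root; return sorted (relative path, verdict) pairs for flagged files."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            verdict = classify(fname)
            if verdict:
                rel = os.path.relpath(os.path.join(dirpath, fname), root)
                findings.append((rel, verdict))
    return sorted(findings)


if __name__ == "__main__":
    # Usage: python scan_ext.py <directory>; defaults to the current directory.
    for path, verdict in scan_tree(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{verdict:12} {path}")
```

Short, generic extensions in the list, such as .good or .abc, can also appear on legitimate files, so treat a hit as a reason to inspect the file, not as proof of infection.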
The most important question is: how do you protect yourself from ransomware?
To protect yourself from ransomware, follow these simple steps:
1.-Keep your OS updated -
Ransomware may not be identified on an old version of an operating system. It may also be that the manufacturer of your OS has stopped working on the firewall or security of your OS version. So keep it updated.
2.-Keep your browser and software updated -
By staying up to date on your browsers and software you can avoid ransomware attacks, because updated versions can identify some types of ransomware.
3.-Use a firewall and a strong, up-to-date antivirus -
Protect your system with a firewall, keep a strong antivirus with internet security, and always keep it up to date.
4.-Do not click outside links or ads -
If you receive an invite link, do not click on it, and do not click on ads either.
5.-Do not keep unknown emails with links and attachments -
If you get unknown emails with an attachment or link, delete them; do not click the link and do not download the attachment.
6.-Scan your system regularly and do not connect with anyone -
Scan your system regularly with your antivirus and do not connect your device with anyone.
If you like the post, share it and comment with your problems or ideas.