Ransom malware, or ransomware, is a threat that prevents users from accessing their system or personal files and demands ransom payment in order to regain access.

History

Early ransomware variants were first developed in the late 1980s. The first ransomware, known as PC Cyborg or AIDS, would encrypt all files in the C: directory after 90 reboots. PC Cyborg would demand the user renew their license by sending $189 via snail mail to PC Cyborg Corp. The encryption used was simple enough to reverse and therefore posed little threat to computer-savvy users and companies. With very few variants popping up over the next 10 years, a true ransomware threat would not be seen until 2004 with GpCode, another ransom variant that utilized weak RSA encryption to hold personal files ransom.

In 2007, WinLock heralded the rise of a new type of ransomware that did not bother encrypting files but rather locked the user out of their desktop. This type of malware would take over the victim's screen and show pornographic images, demanding payment via a paid SMS. The same tactics were used repeatedly for the next five years, with ransom types that locked the browser, overwrote the Master Boot Record (MBR) so the system could not boot correctly, or were incorporated into other types of malware such as rootkits and RATs as a final option to extract money from the victim. Ultimately harmless to an experienced computer user and easy to remove, ransomware would not receive worldwide attention until 2012 with the launch of Reveton.

With the development of the ransom family Reveton, victims would be locked out of their desktop and be shown an official-looking lock page that included credentials for law enforcement agencies such as the FBI and Interpol. These attacks utilized similar technical methods of locking as previous ransomware types; however, they took the psychological attack to the next level. The ransomware would claim that the user had committed a crime, such as computer hacking, allowing their computer to get infected, downloading illegal files, or even being involved with child pornography. Average users did not know what to make of this and believed they were truly under investigation from law enforcement. Most of these screens required a fine be paid, usually with a pre-paid card such as UKash or PaySafeCard. Depending on the family utilizing this tactic, the ransom varied between $100 and $3000. The social engineering tactic, now referred to as implied guilt, basically makes the user question their own innocence, and rather than being called out on an activity they aren't proud of, they will pay the ransom to make it all go away.

As the media began to notice Reveton and other copycat families using the same tactics, the creators began utilizing more technical methods of trying to extract money from users. This included providing personal information such as IP addresses and locations as well as turning on the user's webcam and even playing a sound file that would read the charges to the user. One of the final versions of this form of ransomware would actually show child pornography to the user on the ransom screen, an act that not only technically forced the user to break the law but also shamed them into paying the ransom regardless of whether they believed the threat was real or a scam. A user might not want to call a friend or take their computer to a repair shop if there is a big screen that claims they have been looking at child pornography and then points it out. New families using the same scam didn't make it very long, as most of the world knew about the malware and how to get rid of it.

It would be another two years before one of the biggest threats to all users would appear, utilizing an old method in a new way. The next big version of ransomware to arise was Cryptolocker, a type of ransomware that utilized encrypting files as ransom (similar to those of 10 years earlier). The biggest threat with Cryptolocker was that it used RSA-2045, military grade encryption. It also stored the key required to decrypt the files on a remote server and demanded payment for access to it.