Modern day Dick Turpin – Ransomware
Ransomware catapulted into the news in 2013 when CryptoLocker started holding people’s files to ransom. Since then, we’ve seen a number of other programs making a name for themselves. With unprecedented levels of ransomware circulating this year, victims face the hard decision between losing their data and paying the cyber criminals’ demands.
Or do they?
What is Ransomware?
Ransomware pretty much does what it says on the tin. It is a malicious program that encrypts the files on a victim’s computer and then displays a message from the criminals demanding payment in return for the decryption keys. Having paid, the victim receives a file that will unlock the machine – if they’re lucky.
How serious the problem is depends on which ransomware is involved. Locky and Zepto are still some of the reigning champs, as far as ransomware volume goes, but here are a few others making a name for themselves:
Princess
This ransomware stands out due to its high ransom price and the pink tiara it displays once you are infected. The usual asking price for most ransomware is around the $300 mark; however, Princess has a starting price of around $1,800. If you’re too slow to pay, that doubles to around $3,600 (or 6 bitcoins) to get the key.
EduCrypt
This one was aimed at teaching users a lesson. Once the virus ran and encrypted files, it would let the user know that a key had been hidden on their computer and that they just needed to find it to decrypt their files and get them back. The note that pops up offers the often-recommended advice not to download random things from the internet.
Internet of Things Ransomware
Hackers were able to demonstrate that they could successfully infect a thermostat with ransomware. While this is a very specific situation with a certain model of a thermostat, it brings up a point that security researchers have been trying to bring to light: the Internet of Things can be a security nightmare.
MarsJoke (aka Polyglot)
The newest ransomware, this one targets government agencies and educational institutions. The attack has mainly been seen via links in email messages that lead to the malicious download.
If you’re unlucky enough to fall victim to the modern day highwaymen and are thinking of paying the demands, remember that these thieves are often associated with larger criminal organisations, which use your money to fund their illegal activities.
Instead, before you do anything else, take the time today to back up your files, update your software and hardware, and make sure you have layered security. Then you won’t find yourself caught between a rock and a hard place.
Troy Gill, Manager of Security Research, AppRiver