Malware is short form of malicious software. Once it infects the host computer, then malware can pose various degrees of threats such as stealing user’s data and private info, bypassing access control to do unauthorised tasks, or corrupt the existing data. So malware is any piece of software which has potential to intentionally damage or disrupt the host computer which it targets and also has the potential to harm the people associated with that device or it's data.
Ransomware is a special form of a malware which takes hold of the host computer by means of trojan or other infected file download and restricts the access of the owner to his device or data. It then asks for ransom ( mostly in cryptocurrencies ) to allow access or decrypt the data. Ransomware have been there for about two decades, but it has been only recently that they took off affecting millions of users.
Lets take a look at some of the worst ransomware attacks of recent times:
CryptoLocker came to surface in the year 2013 and it spread through attachments on span mails. It used a RSA public-private key combination to encrypt the user data and demanded ransom to send the decryption key. It affected 500,000 machines and collected about $3 million dollars in ransom
It evolved from the CryptoLocker community of hackers and targeted files associated with video games such as maps, downloadable content etc. The team of hackers behind TeslaCrypt were constantly improving the malware through update patches. The hackers then released the decryption key publicly after they claimed to be done with illegal activities.
Petya leveraged the EternalBlue security vulnerability like WannaCry but it was morphing so fast that experts nicknamed it NotPetya. Some people claim NotPetya to be part of Russian Cyberattack on Ukraine.
WannaCry was the worst ransomware attack of all times and it spread exponentially across the world during mid-2017. In just 4 days it was able to infect upto 250,000 devices in 116 countries. Hackers used some of the leaked hacking tools by NSA to build this attack. WannaCry exploited a security vulnerability in the smb port in Microsoft Windows and although the loophole had its patch released , but most of the people failed to update their OS.
SimpleLocker was one of the first ransomware which targeted mobile platform. It focussed on Android platform in the year 2015–16 and made the files unaccessible for the user until they pay the ransom. It reached a peak of about 150,000 infected devices and spread mainly through Trojan route.
Ransomware is lurking threat which can hit any device, so it is extremely important to take all possible precautions to keep your devices and data safe. Keep your susceptibility of getting infected by malware low by keeping all your software updated and running latest anti malware vigilance software. Internet is not always a safe and friendly place, so stay protected and stay safe.