Ransomware

Ransomware Application


Hello guys !!!

Today I'm bring some interesting topic to you. That is Ransomware. Lets talk about the Ransomware.


What is Ransomware ?

Definition 01 :-

Ransomware is computer malware that installs covertly on a victim’s device (Eg :- computer, smartphone, wearable device) and that either mounts the cryptovirl extortion attack from cryptovirollogy that holds the victim’s data hostage, or mounts a cryptovirology leak ware attack that threatens to publish the victim’s.

Definition 02 :-

Ransomware is a type of malware that prevents or limits users from accessing their system, either by locking the system’s screen or by locking the user’s files unless a ransom is paid. More modern ransomware families, collectively categorized as Crypto-ransomware, encrypt certain file types on infected system and focus users to pay the ransom through certain online payment methods to get a decrypt key.







Ransom Prices and Payment 

Ransom prices vary depending on the ransomware variant and the price or exchange rates of digital currencies. Ransomware operators commonly specify ransom payments in bitcoins. Recent ransomware variants have also listed alternative payments option such as iTunes and Amazon gifts cards. It should be noted, however that paying the ransom does not guarantee that users will get decryption key or unlock tool required to regain access to the infected system or hostage files.

The Rise of Reveton and Police Ransomware

Revton is a ransomware type that impersonates law enforcement agencies. Known as police Ransomware or police Trojans, these malware are notable for showing a notification page purportedly from the victim’s local law enforcement agency, informing them that they were caught doing an illegal or malicious activity online. 



The Evolution to Crypto-Locker and Crypto-ransomware

A new type of ransomware emerged that encrypted files, aside from locking the system. The encrypted files ensured that victims are forced to still pay the ransom even if the malware itself was deleted. Due to it’s new behavior, it was dubbed as Crypto-locker like previous ransomware types, crypto-ransomware demands payment from affected users, this time for a decrypt key to unlock the encrypted files.

Although the ransom note in Cryptolocker only specifies RSA-2048 as the encryption method used, analysis shows that the malware uses AES + RSA encryption.

RSA is asymmetric key cryptography, which means it uses two keys. One key is used to encrypt the data and another is used to decrypt the data. AES uses symmetric keys, which uses the same key to encrypt and decrypt information.



How to prevent the Ransomware ?

First and foremost, be sure to back up your most important files on regular basis

personalize your anti-spam settings the right way.

Think twice before clicking.

The show file extensions feature can thwart ransomware plagues, as well.

Patch and keep your operating system, anti virus, browsers, Adobe flash player, java and other software up-to-date.

Keep the windows firewall turned on and properly configured at all times. settings up the additional  firewall protection.





Comments

Post a Comment

Popular posts from this blog

Phishing

Image
Phishing on Course web at SLIIT What Is Phishing?                   Phishing is the attempt to obtain sensitive information such as usernames, passwords and credit card details , often for malicious reasons, by disgusting as a trustworthy entity in electronic communication. What is spear phishing attack ?                   S pear phishing  is an email that appears to be from an individual or business that you know. But it isn't. It's from the same criminal hackers who want your credit card and bank account numbers, passwords, and the financial information on your PC. Introduction ?         First you need know some details about how it will be work. Phishing attack can be done creating web pages like original web sites. Attacker create similar site like original one and host that site in the server and send that link to the target person or group. If they trust that link and enter their information to that fake webpage. In that page store what they ente
Read more

CySCA 2014 Web Penetration Testing Write-up

Image
Hellow Peeps !!! Today I bring some interesting hacking challenge walkthrough. Let's see what it is, CySCA2014 Web Penetration Testing Write-up We need to first setup the cysca2014 box in VM. When the VM configuring we can check connectivity is their using ping commands. Web Penetration Testing 1 – Club Status Turn on the intercept in the burp suit and go to the web site using cysca2014 IP address. Then you can see the GET request. There are two cookies called PHPSESSID and VIP. Then we have to edit the VIP cookie value from 0 to 1 and forward the request. Then we need to forward this packet in burp suite. Then we can get a website. Index.php Now we cannot access the blog. Now we need to change VIP 0 to 1 then we can access the blog.   Now we can access Blog. Web Penetration Testing 2 – Om nom nom nom After completing challenge 1, you can browse on the Blog page. There is
Read more

Double Submit Cookies Patterns

Image
Cross-Site Request Forgery (CSRF)  Cross-Site Request Forgery (CSRF) is a type of attack that occurs when a malicious web site, email, blog, instant message, or program causes a user’s web browser to perform an unwanted action on a trusted site for which the user is currently authenticated. The impact of a successful CSRF attack is limited to the capabilities exposed by the vulnerable application. For example, this attack could result in a transfer of funds, changing a password, or purchasing an item in the user's context. In effect, CSRF attacks are used by an attacker to make a target system perform a function via the target's browser without knowledge of the target user, at least until the unauthorized transaction has been committed. Impacts of successful CSRF exploits vary greatly based on the privileges of each victim. When targeting a normal user, a successful CSRF attack can compromise end-user data and their associated functions. If the targeted end user is an
Read more