Types of ransomware to watch out for
Table of contents:
- 7 types of ransomware to watch out for
- Talking ransomware "Cerber"
- Ransomware hidden in a game
- Ransomware deletes your files one by one
- Ransomware that does not return your files when paying
- Ransomware on your TV
- Ransomware that does nothing
- Camouflaged ransomware
Ransomware has been one of the words of the past year. We have seen how the number of attacks and varieties has increased significantly. Therefore, we have to be more alert than ever as users. Since there are many types that can be most unexpected and surprising. To prevent surprises, it is convenient to know a little more about them.
Index of contents
7 types of ransomware to watch out for
So you can know what types of ransomware we find today. Recognizing them is a huge help, as it can help us avoid falling into them. Or at least learn a little more about one of the most common dangers of recent times.
Talking ransomware "Cerber"
It is called Cerber. It usually infects computers through email attachments, most often by posing as a Microsoft Office document. If we open it, our computer will be infected and all the files will be encrypted. Also, they will get a new extension which is.cerber. Hence its name.
The curious thing about this ransomware is that in eastern countries of the former Soviet Union, it is disabled. Therefore, users in countries such as Russia, Ukraine, Armenia, Azerbaijan, Georgia, Moldova, Uzbekistan, Tajikistan or Kazakhstan will not have this danger. But in the rest of the world it is a danger.
The way to know if you have been infected by the Cerber ransomware is simple. You will get a warning on the desktop that will tell you that you have been infected. In addition, all the instructions that are in the folders, which are in various formats, when you open them will be dictated. So you will hear a voice reading these instructions.
Ransomware hidden in a game
Possibly some of you have heard or experienced this. Since it has happened this April. It is called PUBG Ransomware. Since in this case, instead of asking for money for the files they have blocked, they gave you two options:
- Play PUBG available at a price of $ 29.99 on Steam Paste this code that they offer you on the screen, and no problem
The reality is that it is not a real ransomware, although it has the same appearance as one. But it is a tool to promote the popular game. Although quite risky, and that surely has caused more than a scare and anger among users.
Since it partially complies with the process of this type of attack. Files on your computer are encrypted and converted to files with a.pugb extension. So the user really has the feeling that it is a ransomware that has affected their computer. Luckily, it is not, and there is nothing to worry about. Although it is a questionable promotional tool.
Ransomware deletes your files one by one
Originally its name was BitcoinBlackmailer, although today it is better known as the Jigsaw Ransomware, inspired by the famous movie saga. In this case, in addition to encrypting all the files on your computer, what you are going to do is delete each and every one of them one by one. A kind of torture towards the user.
It was first discovered in April 2016. It tends to spread in spam emails and tends to go into malicious attachments. What it does, in addition to encrypting everything on the computer, is to show what you see in the image on the screen.
The threat is usually the same, but if a reward is paid (usually in Bitcoin) in an hour, the files will be deleted one by one from your computer. For every hour of payment delay, the number of files deleted will increase, so you have less and less chance of recovering them. If you try to restart your computer or end the process, 1, 000 files will then be deleted at once.
Ransomware that does not return your files when paying
The mechanics of this type of attack is clear by now. They infect the computer, encrypt our files, we pay a reward, and then everything goes back to normal. But this is not the case with the following type of ransomware, dubbed Ranscam.
In this case, even if the user pays, you will not recover your files. Plus, to make it even worse, they don't even bother encrypting files. They directly remove them entirely from the computer, leaving no trace of them. So you lose them all.
Petya, which we have told you about in the past, is inspired and is a variant of this type. It is somewhat less sophisticated than many others we've seen on the list. Although it seems to work, because they still use it.
Ransomware on your TV
In June 2016 it was discovered that FLocker ransomware, which had previously attacked Android phones and tablets, also managed to attack some Android Smart TV. An important step in the history of ransomware, which until now focused on computers or mobile phones.
It is a fairly well-known variant, which mainly affects users in Europe and North America. As in other cases, those in Russia and other countries that belonged to the Soviet Union are not affected by this attack. You usually get a message on the screen that tells you that illegal material has been detected on your television.
Then, a payment is requested. In many cases, the payment in question must be made in iTunes coupons. Once they are received, you can regain control of your television. It is an unusual type of attack, although there have been cases.
Ransomware that does nothing
Oddly enough, there are some types of ransomware that don't really do anything. These are some completely fake popups that claim to be in control of your computer. But the reality is very different, since absolutely nothing has happened.
It is easy for the user to fight and act against this type of ransomware, since we really do not have to do anything. What happens is that you have to be a little alert. Therefore, if this message appears, we must check whether or not we really have access to our files. Since there are users who pay a reward, but their files have not been encrypted at any time.
These types of attacks usually occur when a popup window pops up in your browser. So, it gives you the feeling that you cannot close this window. And you get a message that tells you that your files have been encrypted and you must pay $ 300 in Bitcoin.
The best way to check if you are really being the victim of an attack is to try to close this window. In Windows you can use the key combination Alt + F4. Most likely, the window will close. It is recommended in this case that you update the antivirus and do a scan on the computer. To make sure that there is no threat on the computer.
Camouflaged ransomware
Lastly, we also have to mention that there are types of ransomware that usually hide their appearance and pose as something else. In this way they manage to enter the users' computer. Most commonly, they are inserted into attachments in emails. They pose as office documents. In many cases they are in messages that say you owe money or that you have a fine pending payment. The attachment is an invoice, which when downloading puts the equipment in danger.
Although there are more types of attacks that are hidden. For example, we have the DetoxCrypto ransomware (Ransom.DetoxCrypto), which masquerades as the popular Anti-malware Malwarebytes on some websites. Although it is easy to recognize it because its name is usually Malwerbyte. We also have the example of the CTB-Locker, which is posing as a Windows update.
As you can see, the world of ransomware is very wide. Since there are some types that are little known by a large part of the users. So it is convenient for them to know what these types of attacks consist of.
Make Use OF FontAlpenföhn is a sink to watch out for.
Alpenföhn has already launched its greatest creation: Alpenfön K2, a monstrous heatsink that will compete with the greats on the market: Noctua NH-D14, Silver
Other affected companies are starting to pay the ransomware ransomware
Some companies affected by ransomware have decided to pay the ransom and the first payments already appear in the hacker's portfolio
Watch out! fake ryzen processors sold on amazon
The supposed Ryzen processor sold by Amazon is not even from AMD, it is from Intel and uses an LGA socket. Two cases were reported.