Glossary

Ransomware

Easy

Ransomware is a type of malware used by hackers to steal or encrypt their victims’ files to extort them for a ransom in exchange for file decryption or restoration.

What Is Ransomware?

Ransomware is a type of malware used by hackers to steal or encrypt their victims’ files to extort them for a ransom in exchange for file decryption or restoration. Ransom payment may range from a few dollars to millions, usually paid in digital currencies, depending on the victim being attacked.

Ransomware programs can access devices or systems in numerous ways, most commonly through phishing schemes, which come via emails presented to would-be victims as trusted files. Malicious spam emails would often be booby-trapped with infected links, PDFs, or other attachments. Once activated, ransomware programs swiftly take control of a device while the attacker blackmails their target by threatening to destroy, leak, or sell the stolen data if the ransom isn’t paid in due time. 

There are three categories of ransomware: scareware, screen lockers and encrypting ransomware.

Scareware programs come in the form of pop-up messages that claim to have found malware in your device and that the only way to get rid of them is by paying a certain amount of money. 

Screen lockers are used by hackers to freeze out users from their devices. As soon as their devices are booted up, victims are met with a message from law enforcement offices (FBI, Department of Justice, etc.) stating that illegal activities have been detected on their devices or system and that a fine must be paid.

Encryption ransomware programs are used by hackers to encrypt a user’s files and demand them for payment before their files are decrypted. No security software or tool can ever decrypt an encrypted file or system.

Bitcoin appears to be the most popular form of ransom payment demanded by ransomware hackers.

Related Articles