Ransomware

What is Ransomware?

Ransomware refers to a class of malware that holds a computer “hostage” until the user pays a particular amount or abides by specific instructions. The ransomware then restricts access to the system when executed. Some cases of ransomware also repeatedly show messages that force users into paying the “ransom” or performing the desired action. There are even ransomware variants that encrypt files found on the system’s hard drive. Users are then forced to pay up in order to decrypt the important or critical files that were altered by the ransomware due to file encryption.

Cybercriminals behind this threat made use of online payment methods such as Ukash, PaySafeCard, MoneyPAK or Bitcoin as a way for users to pay the ransom.

 

ransomware-data-encryption_640

What does it look like and how does it work?

There are different types of ransomware. However, all of them will prevent you from using your PC normally, and they will all ask you to do something before you can use your PC.

They can:

  • Prevent you from accessing Windows.
  • Encrypt files so you can’t use them.
  • Stop certain apps from running (like your web browser).

They will demand that you do something to get access to your PC or files. We have seen them:

  • Demand you pay money.
  • Make you complete surveys.

Often the ransomware will claim you have done something illegal with your PC, and that you are being fined by a police force or government agency.

These claims are false. It is a scare tactic designed to make you pay the money without telling anyone who might be able to restore your PC.

There is no guarantee that paying the fine or doing what the ransomware tells you will give access to your PC or files again.

We specialize and have success in managing the process of acquiring bitcoin, paying the ransom and unencrypting the data provided the unencryption key is sent.