Malware Ransomware [Video]


Viruses, Spyware, and Malware

What is malware?

“Malware” is a term for any software that gets installed on your machine and performs unwanted tasks, often for some third party’s benefit. Malware programs can range from being simple annoyances (pop-up advertising) to causing serious computer invasion and damage (e.g., stealing passwords and data or infecting other machines on the network). Additionally, some malware programs are designed to transmit information about your web-browsing habits to advertisers or other third party interests without you knowing.

To protect all computers from unwanted attacks, IS&T provides Sophos anti-virus software free of charge to the MIT community. Sophos can be installed on Windows, Linux, and Mac computers.

Types of malware

Some categories of malware are:

  • Virus – Software that can replicate itself and spread to other computers, or that is programmed to damage a computer by deleting files, reformatting the hard disk, or using up computer memory.
  • Adware – Software that is financially supported (or financially supports another program) by displaying ads when you’re connected to the Internet.
  • Spyware – Software that surreptitiously gathers information and transmits it to interested parties. The types of information gathered include the websites visited, browser and system information, and your computer’s IP address.
  • Browser hijacking software – Advertising software that modifies your browser settings (e.g., default home page, search bars, toolbars), creates desktop shortcuts, and displays intermittent advertising pop-ups. Once a browser is hijacked, the software may also redirect links to other sites that advertise, or sites that collect Web usage information.

How malware gets through

Malware writers are very experienced in using tricks to get users to download their malware. Software that comes bundled with “other software” is often called a “Trojan Horse.” For example, instant messenger software could be bundled with a program such as WildTangent, a known spyware offender. Peer-to-peer file-sharing software bundles various types of malware that are categorized as spyware or adware. Software that promises to speed up your internet connection or assist with downloads (e.g., My Web Search) will often contain adware. Another common way to infect a computer is through email containing a seemingly benign link or email attachment.

Malware can exploit security holes in your browser as a way of invading your machine. Sometimes websites state that software is needed to view the site, in an attempt to trick users into clicking “Yes,” thus installing software onto their machines. Another trick is that if you click “No,” many error windows are displayed. Other sites will tell you that using a certificate makes their site “safe,” which is not the case. Certificate verification means only that the company that wrote the software is the same as the company whose name appears on the download prompt.

Some malware provides no uninstall option, and installs code in unexpected and hidden places (e.g., the Windows registry) or modifies the operating system, thus making it more difficult to remove.

Source:  MIT Edu

Ransomware: A Growing Menace

Overview

Ransomware that locks a computer and uses law enforcement imagery to intimidate victims has spread from Eastern Europe to Western Europe, the United States, and Canada over the past year. The scam has been copied and professionalized from initial early attacks, with established online criminal gangs now branching out into the scheme. Each gang has separately developed, or bought, their own different version of the ransomware.

This malware is highly profitable, with as many as 2.9 percent of compromised users paying out. An investigation into one of the smaller players in this scam identified 68,000 compromised computers in just one month, which could have resulted in victims being defrauded of up to $400,000 USD. A larger gang, using malware called Reveton (aka Trojan.Ransomlock.G), was detected attempting to infect 500,000 computers over a period of 18 days.

Given the number of different gangs operating ransomware scams, a conservative estimate is that over $5 million a year is being extorted from victims. The real number is, however, likely much higher.

Introduction

Ransomware is a category of malicious software which, when run, disables the functionality of a computer in some way. The ransomware program displays a message that demands payment to restore functionality. The malware, in effect, holds the computer ransom. In other words, ransomware is an extortion racket. The scam has evolved over time, using various techniques to disable a computer. The most recent evolution locks the computer display and does not allow the user to access any programs. The computer then displays a message that claims to be from a branch of local law enforcement.

Messages are usually something along the lines of “You have browsed illicit materials and must pay a fine” (as in the preceding Figure 1 example). Law enforcement logos are used to give the message an air of authenticity. A lot of individuals do pay up, either because they believe the messages or because they realize it is a scam but still want to restore access to their computer. Unfortunately, even if a person does pay up, the fraudsters often do not restore functionality.

The only reliable way to restore functionality is to remove the malware. Initially confined to one or two countries in Eastern Europe, the malware has spread throughout Europe and across the Atlantic to the United States and Canada. Criminals will go wherever the money is. From just a few small groups experimenting with this fraud, several organized gangs are now taking this scheme to a professional level and the number of compromised computers has increased.

Figure 1: Example of a typical ransomware message

Symantec has identified at least 16 different versions of ransomware. Multiple gangs have retained programmers to develop these different versions independently. In fact, there is not just one single family of ransomware composed of multiple variants, but rather multiple families each with their own unique behavior.

This paper documents an investigation into these different families, describing how multiple gangs are branching out from previous frauds, such as fake antivirus or financial Trojans, and moving into ransomware. It discusses how the criminals launder their money, how much money the scheme may be worth, and how ransomware has become a serious threat.

…read more

Source: Symantec

Thanks to MIT Edu and Symantec, and thank you for reading Malware Ransomware.


Dr Don
Founder/Admin The Internet Crime Fighters Org, Author The Internet Users Handbook, See more http://about.me/drdony
Comments

  1. Bad news, fandroids: Mobile banking malware now encrypts files First Faketoken stole credentials, now it holds data to ransom http://www.theregister.co.uk/2016/12/20/faketoken_mobile_banking_malware/

  2. United States: Data Breach Trends — 2016: The Year Of Ransomware http://www.mondaq.com/unitedstates/x/558620/Security/Data+Breach+Trends+2016+the+Year+of+Ransomware

  3. Android Users Under Attack As Banking Malware Source Code Was Posted Online http://news.softpedia.com/news/android-users-under-attack-as-banking-malware-source-code-posted-online-512067.shtml

  6. Fake Ransomware Attacks Are Tricking Businesses Into Paying How terrified are people of losing their data to a ransomware infection? So terrified that they’ll pay ransoms even when their computers aren’t actually infected. https://www.forbes.com/sites/leemathews/2017/01/27/fake-ransomware-is-tricking-people-into-paying/#8e594b64baab

  7. Scamwatch: fake ransomware attacks Companies duped by “bluff” ransomware demands. http://www.aol.co.uk/money/2017/01/29/scamwatch-fake-ransomware-attacks/

  8. Bitcoin Ransomware Education – GX40 https://themerkle.com/bitcoin-ransomware-education-gx40/

  9. Mac malware on the rise as crooks turn to ransomware Malwarebytes warns of FindZip threat targeting MacBook users http://www.theinquirer.net/inquirer/news/3008415/mac-malware-on-the-rise-as-crooks-turn-to-ransomware

  10. Ransomware, Mac Malware Dominate Q1 Threat Landscape Cerber, somewhat unexpectedly, emerged as the biggest ransomware threat, Malwarebytes found. http://www.darkreading.com/endpoint/ransomware-mac-malware-dominate-q1-threat-landscape/d/d-id/1328640

  12. Verizon: Ransomware, Cyberespionage Attacks On the Rise https://www.onthewire.io/verizon-ransomware-cyberespionage-attacks-on-the-rise/

  13. Ransomware accounted for 72% of healthcare malware attacks in 2016 Two new reports from Symantec and Verizon say hackers are using ransomware and phishing attacks to target the industry. http://www.healthcareitnews.com/news/ransomware-accounted-72-healthcare-malware-attacks-2016

  14. Reference

    Malware is malicious software that consists of programming, for example code or scripts, designed to disrupt the performance of PCs, laptops, handheld devices, etc. http://www.actionfraud.police.uk/fraud-az-malware

    What is Malware and How to Defend Against It? How to protect yourself against malware Malware, short for “malicious software,” refers to a type of computer program designed to infect a legitimate user’s computer and inflict harm on it in multiple ways. Malware can infect computers and devices in several ways and comes in a number of forms, just a few of which include viruses, worms, Trojans, spyware and more. It’s vital that all users know how to recognize and protect themselves from malware in all of its forms. http://usa.kaspersky.com/internet-security-center/internet-safety/what-is-malware-and-how-to-protect-against-it#.WFnwLPl95aQ

    malware (malicious software) http://searchsecurity.techtarget.com/definition/malware

    How to remove malware from your Windows PC Clean out and restore your PC to its pristine state. http://www.pcworld.com/article/243818/security/how-to-remove-malware-from-your-windows-pc.html

    Ransomware is a form of malware that gives criminals the ability to lock a computer from a remote location – then displays a pop-up window informing the owner that it will not be unlocked until a sum of money is paid. In some cases, the only usable part of the computer is the number keypad to enter a PIN to enable payment to the criminals. The best-known variety of ransomware in recent times is called CryptoLocker. https://www.getsafeonline.org/protecting-your-computer/ransomware/

    Malware https://us.norton.com/security_response/malware.jsp

    Malware refers to any type of malicious software that tries to infect a computer or mobile device. Hackers use malware for any number of reasons such as, extracting personal information or passwords, stealing money, or preventing owners from accessing their device. You can protect yourself against malware by using anti-malware software. https://www.avast.com/c-malware

    Viruses, Spyware, and Malware https://ist.mit.edu/security/malware

    Proofpoint Threat Report Finds 97 Percent of Malicious Emails Contain Locky Ransomware https://securityintelligence.com/news/proofpoint-threat-report/

    Ransomware attacks: Why healthcare data is at risk http://searchsecurity.techtarget.com/tip/Ransomware-attacks-Why-healthcare-data-is-at-risk

    What is Ransomware and 15 Easy Steps To Keep Your System Protected [Updated] Did you know what ransomware can do besides encrypting your data? https://heimdalsecurity.com/blog/what-is-ransomware-protection/

    Kaspersky tells ransomware victims not to pay up http://betanews.com/2016/11/03/dont-pay-ransom/

    Google Gets Tough on Malware Sites and the Damage They Do http://www.toptechnews.com/article/index.php?story_id=111003TVC700

    Ransomware attacks more than double in Q3 http://technology.iafrica.com/news/1039579.html

    Lansing utility paid $25,000 ransom after cyberattack http://www.freep.com/story/news/local/michigan/2016/11/09/bwl-paid-ransom-cyberattack/93576218/

    Criminals Distribute Locky Ransomware To 2014 OPM Data Breach Victims To make the emails seem less suspicious, they all contain the signature of OPM account Manager Elis Lucas. http://www.newsbtc.com/2016/11/10/criminals-distribute-locky-ransomware-2014-opm-data-breach-victims/

    Small and medium businesses under heavy ransomware attacks The attacks increased eightfold in the past year. http://www.itproportal.com/news/small-and-medium-businesses-under-heavy-ransomware-attacks/

    Businesses are warned of rising threat of cyber ransom attacks http://www.independent.ie/business/irish/businesses-are-warned-of-rising-threat-of-cyber-ransom-attacks-35210713.html

    Q&A: Mitigating and recovering from ransomware attacks We speak to Mark Lewis, CEO of Formation Data Systems about the pervasive ransomware threat. http://www.itproportal.com/features/qa-mitigating-and-recovering-from-ransomware-attacks/

    Ad industry tries ‘certified’ security seals to combat ransomware in ads http://www.cso.com.au/article/610209/ad-industry-tries-certified-security-seals-combat-ransomware-ads/

    Ransomware haunts small businesses, attacks up 8 times in Q3 Ransomware attacks up eight times in Q3, 2016, compared to same period in 2015, says Kaspersky http://www.financialexpress.com/industry/tech/ransomware-haunts-small-businesses-attacks-up-8-times-in-q3/447570/

    Windows 10 Updates Target Ransomware Threats http://www.darkreading.com/endpoint/windows-10-updates-target-ransomware-threats/d/d-id/1327507

    Report: Half of Organizations Have Been Hit by Ransomware http://www.eweek.com/security/report-half-of-organizations-have-been-hit-by-ransomware.html

    Kaspersky predicts that cybercriminals will progressively turn to social, advertising networks for espionage http://wwpi.com/2016/11/18/kaspersky-predicts-that-cybercriminals-will-progressively-turn-to-social-advertising-networks-for-espionage/

    How To Keep Your Customers Protected From Constantly Changing Ransomware http://www.bsminfo.com/doc/how-to-keep-your-customers-protected-from-constantly-changing-ransomware-0001

    Ransomware victims able to thwart attacks, report says The vast majority of companies hit by ransomware attacks were able to stop the attacks http://www.csoonline.com/article/3142889/security/ransomware-victims-able-to-thwart-attacks-report-says.html

    Ransomware: 97 percent of phishing e-mails contain it Locky dominates the onslaught. And there has been an increase in deployment of so-called quiet malware such as remote access Trojan malware like jRAT, according to new research from PhishMe. http://www.healthcareitnews.com/news/ransomware-97-percent-phishing-e-mails-contain-it

    Facebook malware disguises itself as an image file to download more malware https://www.neowin.net/news/facebook-malware-disguises-itself-as-an-image-file-to-download-more-malware

    How to Remove Malware from your Windows PC http://computer-guyz.blogspot.my/2016/08/how-to-remove-malware-from-your-windows.html

    New ScanPOS Point-of-Sale malware heavily targets hospitality sector https://securitybrief.com.au/story/new-scanpos-point-sale-malware-heavily-targets-hospitality-sector-/

    Junk images on Facebook Messenger lead users to malware http://www.geektime.com/2016/11/22/junk-images-on-facebook-messenger-lead-users-to-malware/

    Millions of brand-new Android phones come with a massive built-in security flaw http://bgr.com/2016/11/21/ragentek-android-backdoor-malware/

    Three New Reports Show The Ransomware Threat is Still Gaining Momentum http://themerkle.com/three-new-reports-show-the-ransomware-threat-is-still-gaining-momentum/

    Facebook spam caught delivering Locky ransomware http://www.scmagazineuk.com/facebook-spam-caught-delivering-locky-ransomware/article/574704/

    95% Of Ransomware Attacks Bypass Firewalls; 77% Permeate Email Filtering http://www.bsminfo.com/doc/of-ransomware-bypass-firewalls-email-filtering-0001

    What is ransomware https://www.rockford-it.co.uk/what-is-ransomware/

    Locky Ransomware Is Now Using JPG Images On Facebook & LinkedIn To Hack Your PC https://fossbytes.com/locky-ransomware-jpg-images-facebook-hack/

    Protecting against ransomware in the cloud: A guide http://www.cloudcomputing-news.net/news/2016/nov/29/protecting-against-ransomware-cloud-guide/

    48% Of Organizations Have Suffered Ransomware Attacks In Past Year It takes an average of 33 hours to recover from a ransomware attack http://www.bsminfo.com/doc/of-organizations-have-suffered-ransomware-attacks-in-past-year-0001

    New Research: Facebook and LinkedIn Users at a High Risk for Malware http://www.newseveryday.com/articles/56188/20161129/new-research-facebook-and-linkedin-users-at-a-high-risk-for-malware.htm

    Ransomware: 9 best security practices your company should apply http://memeburn.com/2016/11/ransomware-security-practices/

    Check Point uncovers new ransomware threat using images and social media https://securitybrief.co.nz/story/check-point-uncovers-new-ransomware-threat-using-images-and-social-media/

  15. Best anti-ransomware tools: How can I remove ransomware from my computer? Having Ransomware on your PC is an emergency. Here we name some tools that might help http://www.techworld.com/security/best-ransomware-removal-tools-how-clean-up-cryptolocker-cryptowall-extortion-malware-3626974/

  16. Opinion The ongoing threat of ransomware – and how CUs can thwart attacks https://www.cujournal.com/opinion/the-ongoing-threat-of-ransomware-and-how-cus-can-thwart-attacks

  17. The Best Ransomware Protection of 2017 When ransomware turns your most important files into encrypted gibberish, and paying big bucks to get those files back is your only choice, you’re in big trouble. One of these top-performing utilities is your best bet to stay safe. http://sea.pcmag.com/software/15260/guide/the-best-ransomware-protection-of-2017
