Rajib Singha
7 Important Ransomware FAQs that you must know
August 5, 2016

There are no two ways about it: ransomware has easily become one of the biggest banes of digital security for individual users and enterprises alike.

Ransomware is malware that locks an infected computer or encrypts its files (converts the files into an unreadable form). It then demands a ransom from the victim to release the system or decrypt the files.

The threat of ransomware has been steadily growing over the past few years, with attackers bringing more sophistication into their attacks. We have outlined 7 important ransomware FAQs for you to know and understand so that you can be more prepared.

1. How old is ransomware?

Many might suppose that this nefarious malware is relatively new, but its history can be traced back to 1989. The AIDS Trojan is known to be the first ransomware virus; it was created to target the attendees of a World Health Organization international conference on AIDS. Although this malware was not technologically advanced and was taken down without much effort, it became the forebear of all the ransomware families that followed. They include:

| Ransomware | Time of occurrence |
|---|---|
| Archiveus | 2006 |
| Unnamed | 2011 |
| Reveton | 2012 |
| Cryptolocker | 2013 |
| Cryptodefense | 2014 |
| Svpeng and Koler | 2014 |
| CTB-Locker and SimpLocker | 2014 |
| LockerPin | 2015 |
| TeslaCrypt | 2015 |
| LowLevel04 and Chimera | 2015 |
| Ransom32 and 7ev3n | 2016 |
| Locky | 2016 |
| SamSam | 2016 |
| KeRanger | 2016 |
| Petya | 2016 |
| Maktub | 2016 |
| Jigsaw | 2016 |
| CryptXXX | 2016 |
| Zcryptor | 2016 |

2. What are the types of ransomware?

There are two primary types of ransomware.

1. File Encrypting Ransomware – encrypts the data (all types of files including pictures, Word documents, spreadsheets, PDFs, videos, etc.) it can find on the computer that it infects.

2. Screen Locker Ransomware – locks the screen of the infected computer and renders it useless.

Incidents of file-encrypting ransomware are more common than screen lockers. This could be because attackers want their victims to be able to use their computers in order to pay the ransom for their encrypted data.

3. How does a ransomware spread?

• The most common medium used by attackers to spread ransomware is email. Victims are sent fake, deceptive emails carrying attachments that contain ransomware.

• Visiting compromised and infected websites can infect the user’s system with ransomware.

When a computer is infected by ransomware, nothing extraordinary happens that can alert the user to the incident. It is only when the ransomware displays its ransom note (demanding a certain sum of money) that the user realizes that something is wrong.

4. Are ransomware creators picky about their victims?

The one universal truth about cybercriminals is that they are not biased. Anyone who uses a computer and is connected to the Internet is a potential victim, whether that is a blogger sitting in a restaurant working on a post over the free Wi-Fi or a big retail organization.

5. Why is ransomware a difficult malware to deal with?

The main reason ransomware is a hard nut to crack is the technology it uses to encrypt files. Primitive ransomware families used an encryption method which was relatively easy to break. Modern ransomware, however, uses a more complex method to encrypt the victim’s files. Here, criminals have two things: a public key for encrypting the files and a private key for decrypting them. It is the private key that a victim needs to buy in order to decrypt the files. Without this key, decryption is impossible.

6. Should you pay the ransomware’s ransom?

While this is easier said than done, it is strongly recommended never to pay the ransom. Firstly, paying extortionists only encourages them. Secondly, there is no guarantee that you will get your files back even after you have met the ransomware’s demands; after all, you are dealing with crooks with zero morals.

7. What should you do to stay away from ransomware?

Because it is impossible to decrypt any files without the private key, preventing a ransomware infection is critical. Below are some simple security measures that reduce the risk of ransomware attacks to a great extent.

  • Never open emails sent by unknown, unwanted or unexpected sources.
  • If an email seems to have been sent by someone you know and carries a sense of urgency, call up the sender and verify. Most phishing emails are made to sound important or urgent. The way they are written is mainly to trick you into taking an action like clicking on a link or downloading an attachment.
  • Do not click on links or download attachments in emails that ask for your personal information, or talk about your bank accounts.
  • Apply all recommended security updates for your operating system and for programs like Adobe, Java, Internet browsers, etc. These updates fix security weaknesses in these programs and prevent malware from exploiting them.
  • Make sure that your antivirus software is up-to-date and blocks phishing emails and phishing websites.
  • Take regular backups of your files. Remember to disconnect the Internet when you are backing up on a hard drive. Unplug the drive before you go online again.
  • Install an antivirus that can prevent ransomware from infecting your computer. This infographic shows what Quick Heal does to stop this malware.
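
The email advice in sections 3 and 7 can be turned into a mail-triage check, shown here as an added example (not Quick Heal's code): it parses a raw message and flags an urgent-sounding subject and attachments whose names end in script, executable or macro-enabled extensions. The extension and keyword lists, the function names and the sample message are assumptions constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Assumed lists for illustration; tune them to your own mail policy.
SCRIPT_EXT = {".exe", ".scr", ".js", ".jse", ".vbs", ".wsf", ".hta", ".bat", ".cmd", ".lnk", ".jar"}
MACRO_EXT = {".docm", ".xlsm", ".pptm"}
DECOY_EXT = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}
URGENT_WORDS = ("urgent", "immediately", "overdue", "suspended")


def triage(raw_message: bytes) -> list[tuple[str, str]]:
    """Return (item, reason) pairs for a raw RFC 5322 message."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    findings = []
    subject = str(msg.get("Subject", ""))
    if any(word in subject.lower() for word in URGENT_WORDS):
        findings.append((subject, "subject pushes urgency"))
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").strip()
        suffixes = [s.lower() for s in PurePosixPath(name).suffixes]
        if not suffixes:
            continue  # no extension to judge
        if suffixes[-1] in SCRIPT_EXT:
            # "invoice.pdf.js" looks like a PDF when extensions are hidden.
            hidden = len(suffixes) > 1 and suffixes[-2] in DECOY_EXT
            reason = "script/executable behind a document-like name" if hidden else "script/executable attachment"
            findings.append((name, reason))
        elif suffixes[-1] in MACRO_EXT:
            findings.append((name, "macro-enabled Office document"))
    return findings


def build_sample() -> bytes:
    """Constructed test message; addresses and file names are made up."""
    m = EmailMessage()
    m["From"] = "billing@example.com"
    m["To"] = "user@example.org"
    m["Subject"] = "URGENT: overdue invoice"
    m.set_content("Please open the attached invoice today.")
    m.add_attachment(b"placeholder", maintype="application", subtype="octet-stream", filename="invoice.pdf.js")
    m.add_attachment(b"placeholder", maintype="application", subtype="octet-stream", filename="statement.docm")
    m.add_attachment("harmless note", filename="notes.txt")
    return m.as_bytes()


if __name__ == "__main__":
    for item, reason in triage(build_sample()):
        print(f"{reason}: {item}")
```

A flagged message is a candidate for quarantine or for the call-the-sender check described above, not proof of infection.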

 

Source
http://www.csoonline.com/article/3095956/data-breach/the-history-of-ransomware.html#slide22
http://www.darkreading.com/endpoint/a-brief-history-of-ransomware/d/d-id/1325212

70 Comments

  1. MANISH KUMAR, August 6, 2016 at 8:31 AM

    I have opened an email and some of my files like videos, Excel files etc. are unreadable, not opening… And a note is also displaying demanding some money and saying that my files are encrypted with RSA4096…. I have Quick Heal Total Security.. How can I recover?? I don’t have backup.. 🙁

    • Rajib Singha, August 17, 2016 at 11:20 AM

      Hi Manish,

      Thank you for writing in. Our support engineers would gladly help you with this issue. Please visit http://bit.ly/QHChat to chat with us online. You can also raise a ticket at http://bit.ly/Askus and we will get back to you at the earliest.

      Regards,
    • hello..
      My laptop was infected by ransomware… I have tried a lot.. installing different antivirus and decrypt methods.. but couldn't succeed. Please, if anyone knows more, then share??

      • Rajib Singha, March 10, 2017 at 5:31 PM

        Hi Rinkal,

        Thank you for writing in. Our support engineers would gladly help you with this issue. Please call us on our toll-free no. 1800-121-7377 or visit http://bit.ly/QHChat to chat with us online. You can also raise a ticket at http://bit.ly/Askus and we will get back to you at the earliest.

        Regards,
  2. Hasta Gurung, August 6, 2016 at 11:51 AM

    Thanks
  3. Give me 2016 August product key
  4. Samarjit Sinha, August 10, 2016 at 9:03 PM

    Hello. Thanks for your continuous efforts to warn Quick Heal users about ransomware. I would really like to know more about this dangerous malware. It encrypts files of infected systems & that is possible when any variant of it gets installed. Is it possible to get rid of this kind of infection by a clean install of OS? Is it possible to get all files back (except files on C drive) by this method? Does it lock the BIOS also?

    • Thanks for the valuable information. How is it possible to get rid of this kind of infection automatically during automatic updation?
  5. MANOJ KUMAR, August 11, 2016 at 8:58 AM

    THANKS TO TAKE INFO
  6. thanks
  7. Ahasan Ullah, August 11, 2016 at 1:41 PM

    I need one trial version antivirus.
  8. Software is not updated
  9. Thanks
  10. ANSUMAY DATTA, August 11, 2016 at 9:30 PM

    Thanks a lot for your extremely valuable advice.
  11. PITAMBAR SHOUGRAKPAM, August 12, 2016 at 12:11 AM

    WE SHOULD KNOW VERY WELL ABOUT ‘RANSOMWARE’ AND ITS VARIOUS CRIMINAL ACTIVITIES……
    THE ONLY WAY OUT TO GET RID OUT OF ‘RANSOMWARE’ IS TO INSTALL A WORLD CLASS ANTI-VIRUS…….
  12. CA Vikram Shankar Mathur, August 12, 2016 at 2:26 PM

    How can one become a contributor to this blog? I am also an Information Technologist.

    • Rajib Singha, August 17, 2016 at 11:08 AM

      Hi,

      Thanks for writing in. You can email us your original blog post to cw@quickheal.com. Once it goes through our editing process, we can publish it under our Guest Profile and acknowledge you as the original writer.

      Regards,
  13. Sukumar Sarkar, August 12, 2016 at 6:49 PM

    some of the software are not updated
  14. It is a good information, keep informing
    God bless you
  15. RASHID MALIK, August 13, 2016 at 10:12 AM

    Thanks a lot for sharing bro rajib
  16. JAYRAM TIWARY, August 13, 2016 at 10:24 AM

    Yes, the information about the malware is very helpful, and how to avoid is more important information. Thanks.
  17. Good and thank you
  18. Sandeep Solanki, August 13, 2016 at 11:13 PM

    We have to secure my applications.
  19. satyam prakash, August 15, 2016 at 10:48 AM

    thanks
  20. It is very good
  21. Aaditya Aanand, August 16, 2016 at 12:20 AM

    how to download quick heal updates fast
  22. Safe and standard security for smart phones, a must one.
  23. surendras344@gmil.com, August 16, 2016 at 4:27 PM

    What Is This?
  24. Vinayak Fula, August 17, 2016 at 10:18 AM

    All my Word & Excel files are converted into Zepto Ransomware. How will I recover the same?
  25. thank you
  26. Sir, I want to remove the threats, can you help me?
  27. WE SHOULD KNOW VERY WELL ABOUT ‘RANSOMWARE’ AND ITS VARIOUS CRIMINAL ACTIVITIES……
    THE ONLY WAY OUT TO GET RID OUT OF ‘RANSOMWARE’ IS TO INSTALL A WORLD CLASS ANTI-VIRUS…….
  28. Sahil Gaikwad, August 18, 2016 at 9:40 PM

    It is very good Anti Virus For Daily use. I hope it will achieve more success in future…. Best Luck
  29. sandip saha, August 18, 2016 at 10:08 PM

    Nice
  30. How is it possible to get rid of this kind of infection automatically during automatic updation?
  31. Quick Heal Renewal 1-2 years
  32. DILIP GAVIT, August 20, 2016 at 1:00 PM

    Good
  33. RASAMAY BISWAS, August 20, 2016 at 1:17 PM

    very nice quick heal antivirus, i like this……
  34. RASAMAY BISWAS, August 20, 2016 at 1:20 PM

    Hello. Thanks for your continuous efforts to warn Quick Heal users about ransomware. I would really like to know more about this dangerous malware. It encrypts files of infected systems & that is possible when any variant of it gets installed. Is it possible to get rid of this kind of infection by a clean install of OS? Is it possible to get all files back (except files on C drive) by this method? Does it lock the BIOS also?
  35. kdevendra1991@gmail.com, August 20, 2016 at 2:41 PM

    I have purchased Quick HEAL Total Security for renewal on 20.08.2016 online. I have provided a product key. My transaction ID is GSM34691948895 (Bill Desk). But my product is not renewed. Please renew my product immediately.

    • Rajib Singha, August 22, 2016 at 6:55 PM

      Hi,

      We have escalated the matter to the Renewal Team; they will get in touch with you soon.

      Regards,
      Team Quick Heal
  36. QUICK HEAL total security is best security
  37. quick heal total security is very important all india top antivirus
  38. Manoj Boruah, August 20, 2016 at 5:31 PM

    Thank you very much sir. How to get rid of it, please tell me…
  39. Good
  40. Quick heal is a very compact antivirus. But you can add some extra command like folder password lock & Hide option with password. I want from you this option in quick heal total security.
  41. suresh Kumar Mallah, August 22, 2016 at 11:07 AM

    Please remove the virus
  42. what a nice security
  43. vinod kumar, August 22, 2016 at 10:30 PM

    i like this quick heal total security antivirus
  44. ansonng27@yahoo.com, August 23, 2016 at 5:25 PM

    can not update
  45. rajibkhanra, August 23, 2016 at 5:42 PM

    all time my computer to see the kill page but quick heal antivirus activity
  46. chander mohan, August 23, 2016 at 6:26 PM

    so nice
  47. ANINDYA SUNDAR MANDAL, August 23, 2016 at 8:12 PM

    I am using Quick Heal Internet Security 17.00, 64-bit. Does it have Anti Ransomware protection? I checked compare products option. But no information there. Please help.
  48. mahaveer prasad kumawat, August 23, 2016 at 8:52 PM

    I have a problem in internet surfing: some sites will not open in the same network, and when I change network then these sites will open in the other network. Please give me a suggestion.
  49. THIS ANTIVIRUS IS BEST PROTECTION ON OUR PC/LAPTOP.
  50. WHAT ANTIVIRUS FOR SECURITY IN LAPTOP
  51. Best quality of quick heal
  52. harshada Datekar, September 13, 2016 at 11:06 PM

    Thanks for the valuable information.
  53. prakash pawaskar, October 21, 2016 at 1:52 PM

    I have not any type of Bank Card, hence I requested to local service man to renew my pro but he has not visited.