CryptoLocker ransomware has become a pressing problem. Cyber criminals are creating more and more vicious strains to breach even the highest security standards. For instance, a Mac ransomware named FileCoder was intercepted by Kaspersky Lab in 2014. It was not fully operational when discovered. However, a couple of years later – in March 2016 – hackers came up with a fully functional program. The infamous KeRanger managed to bypass Mac’s security, earlier thought to be insurmountable.
Most Recent Ransomware Attacks
Experts had predicted 2016 to be the ‘year of ransomware’. Barely 4 months into the year, ransomware attacks have been pouring in from all corners. So much so that the USA and Canada were prompted to issue a ransomware alert to the general public.
While the KeRanger ransomware infected unsuspecting Mac users, a ransomware called ‘Cerber’ managed to make its way onto Windows, Mac, Linux, and even Chrome OS via Adobe Flash Player. Both attacks were intercepted in March, by security service providers Palo Alto Networks and Proofpoint respectively.
Yet another ransomware, dubbed ‘Locky’, crippled Kentucky-based Methodist Hospital by gaining access to its internal networks, encrypting files on computer systems and locking data. The hackers refused to unlock the files unless the hospital paid up. The Locky strain of ransomware encrypts all important files, documents and images on an infected host, and then deletes the originals. Victims can regain access to their files only by paying the ransom, or by restoring data from a backup network that is hopefully not infected.
Earlier still, in January, ‘Ransom32’ attacks were reported. Much like other CryptoLocker ransomware, Ransom32 locks up files and extorts bitcoins from victims within a time frame of 4 days. In late 2015, a ‘game changer’ called Chimera was created by hackers. The catch was that the hackers would publish all locked data on the Internet if the victim didn’t pay up!
Evolution of CryptoLocker
Ransomware creators fiddled around with quite a few formats. About a decade back, ransomware masqueraded as ‘helpful tools’. Some of the earliest known malware posed as spyware removal tools such as SpySheriff or system optimization tools such as Performance Optimizer. These tools mainly targeted Windows as it was easier to breach Microsoft’s security. Some posed as ‘anti-virus’ software. All of this malware charged anywhere between $40 and $190 to ‘fix issues’. In reality, it did no such thing.
By 2006, malware authors started using encryption to lock data. One of the earliest known ransomware strains to use encryption was Trojan Cryzip. It copied data files into individual password-protected archive files and deleted the originals. However, the password was embedded in the malware itself, making it considerably easier to retrieve the files.
Encryption technology was fledgling, so hackers turned their attention to what is known as ‘Locker ransomware’. This new breed – which proliferated in 2011-2012 – started taking control of systems by denying access or simply preventing users from using their computers.
The ‘ransom’ charges skyrocketed. Whereas misleading apps and fake AVs charged an average of $90, ‘Locker’ ransomware charged anywhere between $150 and $200, payable via electronic cash vouchers. However, users wised up to the sham sooner than expected.
Thereafter, it was back to square one, i.e. crypto ransomware. The new-age crypto ransomware is more destructive, with stronger encryption than its predecessors. It also asks for a much higher ransom of around $300. The preferred modes of payment are ‘Tor’ and ‘Bitcoins’.
A school in New Jersey was held hostage by Ransomware created by its own students in 2015
Ransomware usually enters systems via a carrier (Transmission in the case of KeRanger, Flash Player in the case of Cerber) or via emails. It locks or encrypts data files and asks for a ransom to unlock or ‘decrypt’ them. The victim usually has to cough up the ransom to regain access to data files.
Some of the most dreaded CryptoLocker strains, in chronological order, are:
- CryptoLocker: Emerged in Sept 2013
- CryptoBit: Emerged in Dec 2013
- CryptoWall: Emerged in April 2014
- OphionLocker: Emerged in Dec 2014
- TeslaCrypt: Emerged in Feb 2015
- Chimera: Emerged in Nov 2015
- KeRanger: Emerged in March 2016
So how can you defeat the purpose of ransomware? By being just a little more careful about your data. And how do you do that? Create backups. Cloud storage is one of the most secure ways of backing up your data. Right Backup is a cloud storage app which gives you unlimited space. The server has tight security. You can easily give ransomware the slip by backing up all your data files.
It’s an easy-to-install, easy-to-use app and gives you unlimited storage. Save your data and save your money. Nobody likes paying ransom for stolen data.