What is Ransomware? | Definition and Risks

Products
- NEW
  Kaspersky
  Security Cloud
  Your gateway to all our best protection. Access our best apps, features and technologies under just one account. Get antivirus, anti-ransomware, privacy tools, data leak detection, home Wi-Fi monitoring and more.
  Learn more Free trial
  Kaspersky
  Total Security
  Premium security & antivirus suite for you & your kids – on PC, Mac & mobile
  Learn more Free, 30-day trial
  Kaspersky
  Internet Security
  Advanced security & antivirus suite for your privacy & money – on PC, Mac & mobile
  Learn more Free, 30-day trial
  Kaspersky
  Internet Securityfor Mac
  Advanced security against identity thieves and fraudsters
  Learn more Free, 30-day trial
  Kaspersky
  Internet Securityfor Android
  Advanced security – for your privacy & sensitive data on your phone or tablet
  Learn more Get it on Google Play
  Kaspersky
  Anti-Virus
  Essential antivirus for Windows – blocks viruses & cryptocurrency-mining malware
  Learn more Free, 30-day trial
  Free Tools
Renew
Downloads
Support
Resource Center
Blog

content/en-global/images/repository/isc/2017-images/malware-img-48.jpg

Ransomware Trojans are a type of cyberware that is designed to extort money from a victim. Often, Ransomware will demand a payment in order to undo changes that the Trojan virus has made to the victim’s computer. These changes can include:

Encrypting data that is stored on the victim’s disk – so the victim can no longer access the information
Blocking normal access to the victim’s system

How Ransomware gets onto a computer

The most common ways in which Ransomware Trojans are installed are:

Via phishing emails
As a result of visiting a website that contains a malicious program

After the Trojan has been installed, it will either encrypt information that’s stored on the victim’s computer or block the computer from running normally – while also leaving a ransom message that demands the payment of a fee, in order to decrypt the files or restore the system. In most cases, the ransom message will appear when the user restarts their computer after the infection has taken effect.

Ransomware methods – around the world

Across the world, Ransomware is increasing in popularity. However, the ransom messages and methods of extorting money may differ across different regions. For example:

Fake messages about unlicensed applications
In some countries, the Trojans often claim to have identified unlicensed software that is running on the victim's computer. The message then asks for payment.
False claims about illegal content
In nations where software piracy is less common, this approach is not as successful for the cybercriminal. Instead, the Ransomware popup message may pretend to be from a law enforcement agency and will claim to have found child pornography or other illegal content on the computer. The message will be accompanied by a demand to pay a fine.