Home Home Security Resource Center Threats

Ransomware - Definition, Prevention and Removal

content/en-global/images/repository/isc/2017-images/malware-img-48.jpg

Ransomware Trojans are a type of cyberware that is designed to extort money from a victim. Often, Ransomware will demand a payment in order to undo changes that the Trojan virus has made to the victim’s computer. These changes can include:

Encrypting data that is stored on the victim’s disk – so the victim can no longer access the information
Blocking normal access to the victim’s system

How Ransomware gets onto a computer

The most common ways in which Ransomware Trojans are installed are:

Via phishing emails
As a result of visiting a website that contains a malicious program

After the Trojan has been installed, it will either encrypt information that’s stored on the victim’s computer or block the computer from running normally – while also leaving a ransom message that demands the payment of a fee, in order to decrypt the files or restore the system. In most cases, the ransom message will appear when the user restarts their computer after the infection has taken effect.

Ransomware methods – around the world

Across the world, Ransomware is increasing in popularity. However, the ransom messages and methods of extorting money may differ across different regions. For example:

Fake messages about unlicensed applications
In some countries, the Trojans often claim to have identified unlicensed software that is running on the victim's computer. The message then asks for payment.
False claims about illegal content
In nations where software piracy is less common, this approach is not as successful for the cybercriminal. Instead, the Ransomware popup message may pretend to be from a law enforcement agency and will claim to have found child pornography or other illegal content on the computer. The message will be accompanied by a demand to pay a fine.