What is ransomware?

Ransomware is a malicious computer program designed to lock files on a user’s computer containing pictures, videos, and other information. The program demands payment in return of the users data. Usually if the payment is not met by a deadline the users data is destroyed or stolen. Ransomware infects a computer when a user visits a maclious website or opens a phishing email with a link to a malicious website. Some ransomware can be cracked if it’s not to sophisticated, otherwise ransomware can be very hard to get rid of. Alot of times attempts are unsuccessful. Out of date or weak virus protection can also be the cause of a ransomware infection. Never take a chance and always make sure to back up important data onto a usb flash drive or another data device.

Advertisements

Different types of malware and the purposes they are used for

A computer should always be running in top condition. Over time, memory (hard drive) usage may impact a computers speed. Otherwise a well taken care of computer should stay in good shape. However, a computer infected with any type of malware can impact the performance of a computer, in some cases making it unusable. The underlying goal of malware and why it’s created is for stealing information and mostly profit (stealing money).

This section describes different types of malware, why malware exists, and where it comes from so you can understand it and have a better idea on how to keep your computer safe. All malware can generally spread the same way. Infected websites, spam email, infected programs the user downloads, and a weak or no firewall. Smartphones can be infected with malware although it is less common.

Malware

Any type of software that is harmful to your computer. Obtained by downloading files/programs that seem harmless, opening or following through with spam email instructions, or visiting bad websites. Every definition in the list below is malware. A virus, worm, and trojan are all different types of malware even though a virus is often used to describe other types of malware which is technically incorrect.

Virus

A computer virus is attached to a .exe file and is only ran while the infected file/program is running. A virus can run in the background remaining undetected if the user does not know how to check processes. A virus requires a user to run an infected .exe file to spread and infect other programs and computers while a worm can spread by itself. The payload of a virus can range from displaying messages on your screen to deleting critical files as well as infecting the computer with other malware. A virus can be obtained by visiting websites infected with malware. Android uses .apk files for apps so technically viruses do not exist on android but other types of malware do.

Worm

Unlike a computer virus, worms can spread by themselves without running a .exe file. A worm can infect your email contacts and send copies of itself to other networks and computers. A strong firewall is important to prevent worms along with other security measures.

Trojan

Usually hidden inside of a download, email, or an infected website (drive by download) that seems harmless. A trojan can create a back door. Allowing the trojan to gain remote access to the computer. Unlike a virus or worm, a trojan does not copy itself or spread. A trojan can drastically slow down a computer due to processor and network usage. A trojan can also be used to infect a computer with other types of malware such as a keylogger, or turn the computer into a bot for DDOS attacks.

Ransomware

Ransomware is malware that encrypts (locks) files on a computer (or sometimes the entire hard drive) and will only decrypt them or not publish them if the user pays the demanded amount of money. Some ransomware can be reversed if it’s not that advanced and most likely created by a script kitty which is a term for a amateur cyber criminal. Otherwise, serious ransomware will encrypt the files making it highly difficult to reverse. This is why it is always important to back up important information such as pictures, files, videos, and whatever else that has high value. The use of ransomware has grown between the years of 2012 and 2014. Ransomware is usually a trojan disguised as a safe file.

Botnet

A bot is a computer that has been compromised by a hacker or malware and is used to send out email spam or a ddos attack and is usually controlled remotely. When multiple computers are compromised and used for malicious purposes, it is then called a botnet. People may be unaware that they have a compromised computer.

Keylogger

A malicious program that is used to record what the user types. It is often used to crack passwords and other information such as bank or credit card information.

Spyware

Malware used to monitor web browsing habits such as what websites the user visits and what they search for. Spyware can collect information without you knowing and then sell it to other company’s. Spyware does not spread like a virus. It is installed by exploiting security holes and can also be hidden inside of programs and files.

Adware

Adware is malware that places unwanted ads and pop ups on your computer while your on or offline. Adware can track a users internet activity and record information without the user knowing. The data that is collected is usually sold to third party’s. If you are infected with adware then you might notice unfamiliar toolbars in your browser. You may also be redirected to ad pages when using your browser. Alot of free software contains adware so be cautious when downloading programs.

Rootkit

A rootkit is a malware program that can modify the operating systems and programs. It is designed to hide software. It can be hard to detect and sometimes very complicated or nearly impossible to remove.

Bootkit

A bootkit is similar to a rootkit. Bootkits are also hard to detect and remove. A security exploit in Windows allows the bootkit to infect and hide itself in the master boot record or the volume boot record. Anti virus may not detect a bootkit because the bootkit is not located in the regular files where the anti virus scans.