The modern cyberthreat landscape is complex: it’s characterized by new malware strains and advanced worm variants, which cybercriminals create in an attempt to outpace threat hunters in the race for valuable data. One of the most powerful variants as of late is ransomware, a subset of malware that is designed to lock a victim’s device via encryption upon infection. Once the device is locked, the threat demands money from victims (often in the form of bitcoin or other cryptocurrencies), promising them they’ll receive a decryption key and their data and files back upon payment completion (which is rarely the case).
Though a fairly new addition to the collection of malware in hackers’ arsenals, ransomware has already spawned a wide variety of variants, all equipped with their own unique capabilities and nuances. From Troldesh ransomware’s bruteforcer module to Virobot ransomware’s propagation via Outlook mail to even ransomware in the cloud, the malicious software has grown to become diverse and agile. It’s also been behind some of the biggest attacks the security industry has seen to date, such as the infamous WannaCry attack of 2017.
The good news? Security researchers intend to remain agile too, with industry-leading teams continuously conducting threat research and building decryption tools to support an accurate defense strategy against all types of ransomware. What’s more, if properly educated on what ransomware is and how it works, users can stop the malicious software from causing any major damage to their devices. This means adopting simple best practices, such as always maintaining a backup version of data and files, never paying the ransom and using the free anti-ransomware tools available online.
Resources
Satan Ransomware used in Multi-Platform Cryptomining and Ransomware Campaign
Practical tips for preventing Ransomware