Ransomware also known as cryptoviruses, cryptotrojans or cryptoworms is an increasingly common Internet thread that is spreading like wild fire at the moment. Especially the variations called Citadel and Reveton are very active.
The malicious code in Ransomware spreads in much the same way as a computer virus and worms. The aim of the code is to extort money from the user infected with the code. This is why the phenomenon is also known as Scareware as it uses social engineering to scare the user into thinking he/she has done something wrong. Lets take a look at the example below.
In this case the user opens up a web page and all of a sudden the screen turns grey and up pops the screenshot from below.
An authentic looking page from “the FBI” with your IP address and ISP name warns you that your PC has been blocked as you have violated copyright law. On top of that if you have a webcam attached you will see a picture of yourself on the right with a label claiming you are being recorded. The user is then ordered to pay a fine in order to have the ban lifted and charges dropped. The legal threat is of course bogus.
More serious examples will encrypt files on the victim’s computer asking for a ransom in order to decrypt the files. This thread unlike the legal thread from other examples is very real. Users have reported being locked out of their computers or loosing valuable files.
Ransomware is Widespread
Internet security firm McAfee reported more than 120.000 new infections in the second quarter of 2012 alone.
Brian Krebs from the blog On Security found data from a Scam focusing on France and he found out that 2116 were infected in a single day. Out of these just 79 paid the ransom, but at $100 pr. user you can do the math yourself and I’m sure you will agree we are talking big numbers here. Don’t forget the scammers are targeting computers all over the world.
The huge profits keeps on attracting new spammers all the time and there is no sign of this type of scam going away anytime soon.
How to Avoid Ransomware
The recipe for avoiding ransomware is much the same as protecting yourself from other online threads.
- Make sure your operating system is up to date.
- Install antivirus on your system like Mcafee or Kaspersky.
- Install and use VPN from Unlocator
to encrypt data transfers. - Don’t click unknown email attachments.
- Avoid downloading software from obscure sources.
What if I Have Already Been Infected with Scareware?
First of all take a deep breath and remain calm. Ransomware is a scam and you will not be reported to the police or anything of the like. Download and install antivirus from McaFee or Kaspersky and let it run on your system to remove the infection.