Ransomware is a type of malware that prevents or limits users from accessing their system. This type of malware forces its victims to pay the ransom through certain online payment methods in order to restore access to their systems, or to get their data back.
Ransomware can be downloaded by unwitting users who visit malicious or compromised websites. It can also arrive as a payload, either dropped or downloaded by other malware. Some ransomware are delivered as attachments to spammed email.
Once executed in the system, a ransomware can either (1) lock the computer screen or (2) encrypt predetermined files with a password.
In the first scenario, a ransomware shows a full-screen image or notification, which prevents victims from using their system. This screen also provides instructions on how users can pay the ransom.
The second type of ransomware encrypts files including word processing documents, spreadsheets, photos and other important files.
The cybercriminals behind ransomware make use of online payment methods such as Ukash, PaySafeCard, MoneyPAK or Bitcoin as a way for users to pay the ransom. However, paying the ransom doesn't guarantee the cybercriminal will restore your system or files to you.
Get the latest news and information on ransomware from our Security Intelligence blog here.
Watch our video on Ransomware here.