What are the most common ransomware strains?
Ransomware is a type of malware that encrypts a victim’s files and demands a ransom to decrypt them. While there are many different types of ransomware, some strains are more common than others.
The most common ransomware strains include:
Locky: Locky is a ransomware strain that was first spotted in February 2016. It is typically spread through malicious attachments in spam emails. When a victim opens the attachment, Locky will encrypt their files and demand a ransom of 0.5 Bitcoin (approximately $380 as of May 2017) to decrypt them.
Teslacrypt: Teslacrypt is a ransomware strain that first emerged in February 2014. It is typically spread through malicious attachments or links in spam emails. When a victim opens the attachment or clicks on the link, Teslacrypt will encrypt their files and demand a ransom of 1-2 Bitcoin (approximately $760-$1,520 as of May 2017) to decrypt them.
Crysis: Crysis is a ransomware strain that first emerged in April 2014. It is typically spread through malicious attachments or links in spam emails. When a victim opens the attachment or clicks on the link, Crysis will encrypt their files and demand a ransom of 1-3 Bitcoin (approximately $1,140-$2,620 as of May 2017) to decrypt them.
Petya/Mischa: Petya and Mischa are two ransomware strains that emerged in March 2016. They are typically spread through malicious links in spam emails. When a victim clicks on the link, Petya/Mischa will encrypt their hard drive and demand a ransom of 1 Bitcoin (approximately $760 as of May 2017) to decrypt it.
Jigsaws: Jigsaws is a ransomware strain that first emerged in April 2016. It is typically spread through malicious attachments or links in spam emails. When a victim opens the attachment or clicks on the link, Jigsaws will encrypt their files and demand a ransom of 1-3 Bitcoin (approximately $760-$2,280 as of May 2017) to decrypt them.
There are many other ransomware strains, but these are some of the most common ones. Ransomware is a growing threat and it is important to be aware of the different types that exist. If you are infected with ransomware, do not pay the ransom. Instead, contact a professional to help you decrypt your files..Original Content
What are some of the best ransomware prevention tips?
As the number of ransomware variants and attacks continue to grow, so do the need for robust prevention tips. Here are 10 of the best tips for preventing a ransomware attack:
1. Keep your systems and software up-to-date
One of the best ways to prevent a ransomware attack is to keep your systems and software up-to-date. Cybercriminals are constantly searching for vulnerabilities in systems and software that they can exploit to deliver their malicious payload. By ensuring that your systems and software are patched with the latest security updates, you can make it much more difficult for attackers to successfully infect your systems.
2. Use strong security software
Another important step in preventing a ransomware attack is to use strong security software. This software should include an antivirus program as well as a firewall. The antivirus program will help to protect your systems from known ransomware variants, while the firewall will help to block incoming connections from malicious sources.
3. Back up your data regularly
One of the most effective ways to prevent data loss in the event of a ransomware attack is to back up your data regularly. There are many different ways to backup data, such as using an external hard drive or cloud-based storage. It is important to ensure that your backup data is not connected to your network so that it cannot be encrypted by the ransomware.
4. Be cautious with email attachments
One of the most common ways that ransomware is delivered is through email attachments. Cybercriminals will often send emails that appear to be from a legitimate source, such as a financial institution, with an attachment that contains the ransomware. It is important to be cautious when opening email attachments, especially if you do not recognize the sender.
5. Be cautious when visiting websites
Another common method of delivering ransomware is through malicious websites. Cybercriminals will often create websites that contain exploit code that can take advantage of vulnerabilities in your web browser to deliver the ransomware. It is important to be cautious when visiting websites, especially if you are not familiar with the website.
6. Do not enable macros in Microsoft Office documents
Another common method of delivering ransomware is through Microsoft Office documents that contain macros. Macros are small pieces of code that can be used to automate tasks. Many ransomware variants will use macros to deliver their payload. It is important to disable macros in Microsoft Office documents unless you are expecting to use them.
7. Be cautious when using removable media
Another common method of delivering ransomware is through removable media, such as USB drives. Cybercriminals will often infect removable media with ransomware and then distribute it to people. It is important to be cautious when using removable media, especially if you do not know the source of the media.
8. Be cautious when using third-party software
Another way that ransomware can be delivered is through third-party software. Cybercriminals will often create malicious software that masquerades as a legitimate program. It is important to only download and install software from trusted sources.
9. Implement security policies and procedures
An important part of preventing a ransomware attack is to have security policies and procedures in place. These policies and procedures should include measures for dealing with email attachments, removable media, and third-party software. It is also important to have a policy for backing up data.
10. Train your employees
It is important to train your employees on the importance of cybersecurity and the steps that they can take to prevent a ransomware attack. Employees should be made aware of the signs of a ransomware attack and the steps that they should take if they believe that their system has been infected. Employees should also be trained on the importance of following security policies and procedures.
We used malwarezero.org to write this article about ransomware. Click for source.