Updated on 2022-12-01 GMT+08:00

Ransomware

What Is Ransomware?

Ransomware emerged with the Bitcoin economy. It is a Trojan that is disguised as a legitimate email attachment or bundled software and tricks you into opening or installing it. It can also arrive on your servers through website or server intrusion. Ransomware often uses a range of algorithms to encrypt the victim's files and demand a ransom payment to get the decryption key. Digital currencies such as Bitcoin are typically used for the ransoms, making tracing and prosecuting the attackers difficult.

Ransomware interrupts businesses and can cause serious economic losses. We need to know how it works and how we can prevent it.

Ransomware can intrude servers in various ways and is difficult to remove.

Cases

The following are several cases of ransomware:
  • Case 1: Files in a Windows host are encrypted and ransomware messages exist in the host.

  • Case 2: Files in a Windows host are encrypted and suffixes are added to the files.

  • Case 3: Files in a Linux host are encrypted and suffixes are added to the files.