Ransomware comes in many different shapes and forms; moreover, as technology changes – so do they. And even when some are terminated, other forms of ransomware come into the picture. How can you know which virus is trying to corrupt your system? Here, we break down a few types of ransomware, as well as what they do and how they are spread:
CryptoLocker was created in 2013, and it was the very first ransomware virus. CryptoLocker was distributed in email kits and spam. Once the victim downloaded the virus, it would install itself into a Windows User Profile and encrypt specific extensions – Microsoft Office, OpenDocument, images, and autoCAD files. As soon as the virus was completely encrypted into the computer, the virus would lock down the computer and demand for payment through Bitcoin – used in almost every ransomware attack. CryptoLocker used the lockdown and payment method to extort money from their victims. However, antivirus software caught up to CryptoLocker, ultimately terminating the virus — but it wouldn’t be the end for ransomware. After CryptoLocker ended in 2014, the virus paved new ways for cyber criminals to extort money.
CryptoWall was the next generation of ransomware. Like CryptoLocker, this virus uses spam mail and email kits and a ransom system – Bitcoin – to get their victims. However, CryptoWall attacks Microsoft temp folders instead of the Windows User Profile. And with CryptoWall being a new generation of ransomware, that meant the virus could corrupt a wider variety of files.
CTB-Locker is yet another form of ransomware. Like CryptoWall, the CTB-Locker targeted the Microsoft temp files, embedded itself, and demanded for payment. However, what makes the CTB-Locker stand out more than the others is the outsourcing the virus does. The cyber criminals outsourced the CTB-Locker infection to others for a cut of the profit – affecting more people and expanding. The virus is also sneakier. CTB-Locker is found in fake antivirus software and click schemes, sometimes getting the victims to pay monthly fees.
Locky is similar to the first few ransomware forms, but it’s a modified version. Locky hides in email messages in the form of invoices. The invoices give a step-by-step instructions on how to download a specific file; however, the virus is having you enable your defenses, so it can encrypt your computer. Since it has been modified, it can handle encrypting large file types – allowing the virus to take over the computer at a higher speed.
Ransomware is something that should be discussed as a company and as individuals. The virus is ever-changing, and there are many other types of ransomware out there. Find ways to keep you and your company safe, and always keep on the lookout if anything seems suspicious.