Ransomware and cryptomining explained

The experts over at Avast Business tell us what ransomware and cryptomining are and how to protect yourself against them

Ransomware is vicious and, if you pay the scammers, very costly.

This guide from Avast Business will take you through what ransomware is, how it infects your PC and how you can prevent it. They also explain what cryptomining is.

What is ransomware?

Ransomware is a malicious software which encrypts files on your computer or completely locks you out. It is spread by hackers who then demand a ransom, (usually $300-500/GPB/EUR, preferably paid in bitcoins), claiming that you’ll receive the decryption key to recover your files if you pay. It’s also often combined with a time limit, creating a sense of urgency. Ransomware comes in all shapes and sizes. Some variants are more harmful than others, but they all have one thing in common – the ransom.

Is it ransomware?

When it comes to ransomware, anyone can be a target. For example, WannaCry took advantage of a Windows vulnerability to spread and infect more than 200,000 users as well as 10,000 companies, public authorities and organisations worldwide. The first recorded ransomware attack occurred in 1989, so this concept is not entirely new.

Is ransomware a virus?

No, ransomware is not the same as a virus. Viruses infect your files/software and have the ability to replicate themselves. However, ransomware simply scrambles your files in order to render them unusable and then demands that you pay up.

How ransomware infects your PC

From malicious email attachments and fake links to social media scams, ransomware spreads quickly and hits hard. Here’s how it gets on your computer.

Social engineering

• A fancy term for tricking people to download malware from a fake attachment or link

• Disguised as ordinary documents such as bills, notices, receipts, CVs, etc. and they appear to be from a reputable company/person/institution

Malvertising

• Paid ads that deliver ransomware, viruses and malware

• Hackers will even buy ad space on popular websites and social media to get their hands on your data

Exploit kits

• Prewritten code wrapped nicely in a ready-to-use hacking tool

• Designed to exploit vulnerabilities and security holes caused by out of date software regardless if it’s a general OS or a third-party app

Drive-by downloads

• Dangerous files you never asked for

• Some malicious websites take advantage of out of date software/apps to silently download malware in the background while you’re browsing an innocent-looking website

>See also: Ransomware mustn’t be allowed to strangle SMEs

Preventing ransomware

So far, so frightening – but there are ways that you can protect yourself from ransomware.

Back up your important files

Back up your files on external drives, the Cloud or both. With so many free cloud storage services out there, you really have no excuse. To be extra safe, choose a service with version histories. That way, if anything bad ever happens to your account, you can easily restore it to a previous version.

Use an up to date antivirus software

Antivirus software offers essential protection against anything trying to mess with your computer. It also offers proactive security measures instead of common reactive or passive procedures other tools might offer.

Keep your operating system updated

If you remember when we talked about WannaCry earlier, you will already know that security updates are vital for your computer’s safety. Out of date software makes you more vulnerable to all kinds of malware, including ransomware.

Should I pay the ransom?

Hackers don’t discriminate. Their only goal is to infect as many computers as possible because that’s how they make money. Victims will pay hundreds of thousands of dollars to recover data. You’re dealing with scammers here, so paying the ransom doesn’t guarantee anything. Paying encourages the hackers to come back harder and demand more money. Simply put – no, you should not pay the ransom. Instead, keep preventive measures in mind and prepare for the worst, just in case.

>See also: Why you shouldn’t pay up to ransomware

Cryptominer/cryptojacking

These types of malware are often related to ransomware, since they use the same attack vectors to infect a system or network. The big difference is that these types of malware do not encrypt your local files and send you a ransom note as soon as they are done. They turn the infected system into a continuous money-making machine for the hacker by mining cryptocurrencies in the background without you noticing.

Cryptojacking doesn’t even require significant technical skills – you can actually buy “out-of-the-box” cryptominer toolkits on the Dark Net for as low as $30 (£22).

Due to the complex nature of cryptominers, the best protection against this type of threat is similar to what you use to protect against ransomware. Additionally, another helpful precaution is to educate users and staff to be aware of suspicious links or a sudden change within the system or network performance/behaviour.

Read more

How to protect your business against cryptojacking

Avatar photo

Avast Business

Avast Business is a cybersecurity firm offering security, privacy and productivity software that protects people from threats on the internet

Related Topics

Ransomware