HACKING TUTORIAL #3


Ransomware





Ransomware: a sophisticated piece of malware that blocks the victim's access to his files; the only way to regain access to the files is to pay a ransom.



Types of Ransomware

There are 2 Types of Ransomware
  1. Encrypting Ransomware
  2. Locker Ransomware

  • Encrypting Ransomware: incorporates advanced encryption algorithms. It is designed to block system files and demand payment to provide the victim with the key that can decrypt the blocked content. Examples: CryptoLocker, Locky, CryptoWall and more.
  • Locker Ransomware: locks the victim out of the operating system, making it impossible to access the desktop and any apps or files. The files are not encrypted in this case, but the attackers still ask for a ransom to unlock the infected computer.

How ransomware works:

Ransomware kits on the deep web have allowed cyber criminals to purchase and use a software tool to create ransomware with specific capabilities and then generate this malware for their own distribution and with ransoms paid to their bitcoin accounts. As with much of the rest of the IT world, it's now possible for those with little or no technical background to order up inexpensive ransomware as a service (RaaS) and launch attacks with very little effort. In one RaaS scenario, the provider collects the ransom payments and takes a percentage before distributing the proceeds to the service user.

  • [attacker → victim] The attacker generates a key pair and places the corresponding public key in the malware. The malware is released.
  • [victim → attacker] To carry out the cryptoviral extortion attack, the malware generates a random symmetric key and encrypts the victim's data with it. It uses the public key in the malware to encrypt the symmetric key. This is known as hybrid encryption, and it results in a small asymmetric ciphertext as well as the symmetric ciphertext of the victim's data. It zeroizes the symmetric key and the original plaintext data to prevent recovery. It puts up a message to the user that includes the asymmetric ciphertext and how to pay the ransom. The victim sends the asymmetric ciphertext and e-money to the attacker.
  • [attacker → victim] The attacker receives the payment, deciphers the asymmetric ciphertext with the attacker's private key, and sends the symmetric key to the victim. The victim deciphers the encrypted data with the needed symmetric key, thereby completing the cryptovirology attack.
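
A defender-side consequence of the encryption step described above, shown as an added example that is not part of the original post: symmetric ciphertext is statistically close to random, so a file that jumps from structured content to near 8 bits of entropy per byte between two snapshots is a useful detection signal. The function names, thresholds and sample files below are assumptions made for illustration.

```python
import hashlib
import math
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: 0.0 for constant data, 8.0 for uniform bytes."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def flag_encrypted(baseline: dict, current: dict, high=7.5, jump=1.5) -> list:
    """Names of files whose content went from structured to near-random."""
    flagged = []
    for name, new in current.items():
        old = baseline.get(name)
        if old is None or old == new:
            continue  # new or unchanged files carry no before/after signal
        e_old, e_new = shannon_entropy(old), shannon_entropy(new)
        # Require both a high absolute value and a jump, so files that were
        # already compressed (high entropy in the baseline) are not flagged.
        if e_new >= high and e_new - e_old >= jump:
            flagged.append(name)
    return sorted(flagged)

def pseudo_ciphertext(seed: bytes, size: int) -> bytes:
    """Constructed stand-in for ciphertext: SHA-256 in counter mode."""
    out = b"".join(hashlib.sha256(seed + i.to_bytes(4, "big")).digest()
                   for i in range(size // 32 + 1))
    return out[:size]

# Constructed sample data: a baseline snapshot and the same files later.
BASELINE = {
    "report.txt": b"Quarterly results were in line with expectations. " * 80,
    "notes.csv": b"id,name,amount\n1,alice,100\n2,bob,250\n" * 100,
    "archive.zip": pseudo_ciphertext(b"zip", 4096),  # already high entropy
}
CURRENT = {
    "report.txt": pseudo_ciphertext(b"a", 4000),           # overwritten
    "notes.csv": BASELINE["notes.csv"] + b"3,carol,75\n",  # normal edit
    "archive.zip": pseudo_ciphertext(b"b", 4096),          # changed, no jump
}

if __name__ == "__main__":
    print(flag_encrypted(BASELINE, CURRENT))
```

Entropy alone cannot tell an encrypted archive from a compressed one, so this check is best combined with other signals such as the number of files modified in a short window.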

5 tips to prevent ransomware

  1. Do not pay the ransom. It only encourages and funds these attackers. Even if the ransom is paid, there is no guarantee that you will be able to regain access to your files.
  2. Do not provide personal information when answering an email, unsolicited phone call, text message or instant message. Phishers will try to trick employees into installing malware, or gain intelligence for attacks by claiming to be from IT. Be sure to contact your IT department if you or your coworkers receive suspicious calls.
  3. Restore any impacted files from a known good backup. Restoration of your files from a backup is the fastest way to regain access to your data.
  4. Use reputable antivirus software and a firewall. Maintaining a strong firewall and keeping your security software up to date are critical. It’s important to use antivirus software from a reputable company because of all the fake software out there.
  5. If traveling, alert your IT department beforehand, especially if you’re going to be using public wireless Internet. Make sure you use a trustworthy Virtual Private Network (VPN), such as Norton WiFi Privacy, when accessing public Wi-Fi.

I hope these tips help you to protect your devices. Sometimes ransomware is more dangerous, so keep your device safe. I hope you like this tutorial.


