Norton UK Blog
Ransomware and Cryptolocker - 5 Things You Probably Didn't Know
As far as malware goes, ransomware is probably the one people know the least about. We often hear loads about viruses and worms on the news and on TV, but ransomware doesn’t often get a shout-out.
Today, we’re shedding light on the baby of the malware family with five things you probably didn’t know about ransomware.
1. Ransomware is the loudest of all malware
Unlike some malware, there is nothing subtle about ransomware. It doesn’t quietly steal your information, plague you with unwanted ads and pop-ups, or spy on you while you type.
No, ransomware very loudly and very ominously announces itself with the ransom note that gives it its name. You’ll know straight away if you’ve been unfortunate enough to be infected. The usual scenario plays out like so: you get up and potter about in your morning routine.
Maybe you have a coffee or some breakfast. You turn on your computer or phone and a pop up or image appears onscreen telling you that your device has been locked and all your files have been encrypted.
The hacker will usually give you a time limit and demand a sum of money. If you can’t or won’t pay the ransom, the hacker will either raise the fee or they’ll destroy the decryption key so you lose all the files on your computer. Ouch!
Many of the ransomware viruses even come with a countdown clock, to increase your panic, every tick dragging you closer to hard-drive wipe-out. Ransomware hackers do not play around.
2. Ransomware is the new kid on the block
With antivirus software readily available and people becoming increasingly tech-smart, hackers have had to push the boat out when it comes to creating hacks that work and get past antivirus protection.
This push led to ransomware like CryptoLocker, Cryptowall, and TeslaCrypt. Ransomware is the stubborn baby sibling of the malware family, and first arrived towards the end of 2013. CryptoLocker was particularly vicious, and swept through thousands of computers in little more than a week.
IT guys and tech experts tried installing new hard drives, updating BIOS, and restoring and resetting systems but nothing worked. Users quickly discovered that the hackers were sticking to their word: pay the ransom and they’d make the problem go away.
Which begs the question: when was the last time you backed all your files up on an external hard-drive or in the cloud? Get on it!
3. You probably won’t even be able to pay in pounds (or your local currency)
Ransomware is sneaky, and many of the hackers behind it are very smart and very involved in the tech scene. Writing for the NYTimes, Alina Simone tells the story of how her mother’s computer was infected with ransomware.
Her mother was faced with a decision: pay up or lose everything. Having rang several IT departments and asked for help, it looked increasingly likely that Alina’s mother would have to pay up.
But instead of paying in her native dollars, she’d have to pay in Bitcoin. During a snowstorm in Massachusetts. Much worry and missed payments followed, and eventually Alina’s mother had to use the message interface that came with the virus to haggle with the hackers.
It worked and they sent her the decryption key.
According to the FBI, the Cryptowall, a particularly popular Ransomware hack, made $18 million in Bitcoin payments between April 2014 and June 2015. That’s a lot of cash.
4. Ransomware will sometimes tell you that it’s the police
Whether that’s an Garda Síochána in Ireland, the FBI, or your local police, a strain of ransomware involves a message on your locked computer telling you that your computer has been locked because you’ve:
· Stolen or pirated files and viewed them on your computer.
· Been linked to illegal information shared between devices.
· Viewed or been involved with the distribution of child pornography.
· Accessed banned websites.
The message is very realistic, with logos and text, and is a terrifying thing to see when you switch on your computer. Thankfully, the police-variant of ransomware can often be removed manually with a bit of tech savvy.
5. Ransomware is sneaking over to mobile
As we said above, ransomware has been around on computers since 2013, but it’s recently started appearing on phones too. Usually, your phone is locked by “the FBI” and they demand you make a payment or else all your files will be wiped.
Instead of paying your fee, you should regularly back up your files and wait it out. Seriously, if you only take one thing from this article let it be that you start regularly backing up your files!
What do I do if I’ve been infected with ransomware?
If you think you’ve been infected with ransomware, get your computer to an IT expert as soon as possible or try the method for removing the Garda/police/FBI virus. If that doesn’t work and you haven’t backed your files up recently, you may have no choice but to pay up.
The best way to deal with ransomware is to avoid it altogether. Install antivirus software and regularly scan and back up your files to keep ransomware at bay. Same goes for mobile too!