Adware, spyware, and other forms of malicious software have been prevalent for the better part of two decades, but one of the latest edition to the family – the Ransomware, the malware that encrypts the infected systems and demands payment in return, has been steadily increasing its infection rate over the course of this year.
What makes this practice so popular among cyber criminals? Most of the spyware profit is driven from selling stolen data, or use of credit cards, which can be time consuming and could potentially reveal the hackers’ identity. With Ransomware, the urgency that the victims are facing before their data vanishes for good and the demand for hardly traceable Bitcoin for payment, promotes faster pay ups and better concealment of their identities.
Names like Crowti, Tescrypt, Teerac, and Locky have been pretty successful in sending individuals and companies reeling once hit. One reports suggest that over 90 percent of all phishing emails, nowadays, are trying to trick users into clicking a malevolent link or open a dangerous attachment, attempt to install ransomware.
Until recently, those attacks seemed to be targeted directly at its victims, but Microsoft warns that may no longer be the case. “ZCryptor exhibits worm-like behavior and can spread to removable and network drives to expand its attack surface”. The threat disguises itself as a fake installer, usually for Adobe Flash, along with macro-based booby-trapped Office files to distribute the Zcryptor ransomware.
When first detected, Microsoft reported the ransomware was targeting 88 different file types, but late sample analysis revealed that the number has increased to 121 file types, so it appears that ZCryptor's authors are still developing its code.
Compared to other security threats, ransomware is still relatively easy to avoid. Just pay more attention to what you are clicking on, always verify the source of email attachments and website downloads before opening files, disable macros in Microsoft Office programs, maintain regular backups and update your security software.
Read more: https://blogs.technet.microsoft.com/mmpc/2016/05/26/link-lnk-to-ransom/