Thursday, May 18, 2017

What is Ransomware? How to be safe?

What Is Ransomware?


Ransomware is a type of malware that covertly installs itself on a victim's device, such as a computer or smartphone. It holds the device to ransom by restricting access to it, either by locking the system or by encrypting the data files on it. The malware displays a ransom note and pressures the victim into paying a ransom through online payment in order to regain access to the system or to receive the key that decrypts the encrypted data.


When a system is infected, a pop-up window appears telling you to pay a sum of money, with a countdown timer showing the time left. If you fail to pay within the given time, the fee is doubled, and if you fail to pay by the deadline, you lose all your files forever. Payment is accepted only in Bitcoin.

How to be safe from ransomware?

1. Backup your data

The measure that protects you against ransomware is taking regular backups. If you are infected with WannaCry ransomware, you may lose all your files and be unable to recover them. Cryptolocker likewise encrypts all the files on your computer. So back up your data regularly to somewhere such as an external hard drive or the cloud; that way your data will be safe.

2. Show hidden file extensions

Cryptolocker frequently arrives in a file whose name ends with the extension ".mp3.exe". Such files covertly install themselves on the machine without the user knowing. If you are in the habit of viewing the full file extension, you will be able to spot suspicious files on your computer.

3. Filter EXE attachments in emails

If your email service provider can filter EXE files, you can easily reject mail that carries them. Don't download attachments from your email, as they may be EXE files. Be careful when downloading any attachment, and make sure it comes from a genuine source.

4. Cryptolocker Prevention kit

Cryptolocker Prevention Kit is a third-party tool that protects your data from being encrypted. It stops files from running from the App Data and Local App Data folders, and also stops executable files from running from the Temp directory.

5. Disable Remote Desktop Protocol

Ransomware targets machines through Remote Desktop Protocol (RDP). RDP is a utility that allows others to access your machine remotely. So if you are using RDP, turn it off immediately; otherwise Cryptolocker will be able to enter your machine remotely.

6. Use a reputable antivirus

It is always better to use good antivirus software, which helps you recognise threats and suspicious files. Malware authors regularly release new variants to try to avoid detection. Antivirus software is the best protection against such suspicious activity and threats. Also update your antivirus's virus definitions regularly.

7. Disconnect from Wi-Fi or LAN

If you run a file that you think may be ransomware but have not yet seen any ransom pop-up window, quickly disconnect your computer from Wi-Fi or the LAN; you might be able to stop communication with the C&C server before it finishes encrypting your data. If you disconnect yourself from the network you will be safe. Encrypting files takes some time, and if you succeed in stopping the encryption you might mitigate the damage.

That's all for this article. Thank You.



