Ransomware is a form of malicious software, is used to extort payment from the victim’s computer. There are two forms of blackmail existence.
One type is the system’s hard drive where the file is encrypted viruses. The second type is the host where the virus is completely locked. In both cases, it displays a message requiring users to pay.
Ransomware threat to growth:
1: Recently there has been a software-based attacks extortion a huge growth in cybercrime obviously generate significant profits through extortion. According to the US Department of Homeland Security, said the extortion encryption locks software programs and variants in 10 months time to get more than 100 million US dollars from the victim there.
2: whether business or individual users there is a missing file and permanent documentation of high risk
3: I can not guarantee that you can pay after access to your computer or open the file
Encryption locks: the most famous extortion software
1: encryption locks appeared in 2013
2: It is a link in a malicious e-mail or download the driver inside
3: First, it tries to connect to the command and control server
4: It creates a 2048 bits RSA keys (public and private keys), and then upload it to the server key
5: A malicious software tries to encrypt user information valuable infected host
6: a public key stored in the host, while the private key is stored in the command and control server
7: All the dongle just for money, and threatened to destroy the private key if you do not pay malicious software
9: If the host is encrypted lock infection, it will be difficult to repair
10: encryption locks also incorporates Gozeus work together, Gozeus trying to obtain financial information from the company mainframe. If it can not find anything to continue the search. Encryption locks trying to encrypt important files and lock the computer and extortion.
Since the dongle is found, numerous variants procedures have also been found, they all use the same strategy.
Clear dongle steps:
The following is a blackmail virus can be removed from the host under any circumstances approach.
1: AntiVirus and Anti-Malware – this will help scan and remove ransomware
2: Network security mode – this option provides you with a host system connected to the network, even if the system can also be infected.
3: Use the boot recovery CD to store your system
4: Secondary Hard