How Does Ransomware Get on your Computer
Ransomware is an advanced form of malicious malware that has the ability to encrypt all data saved within a victim’s computer. As ransomware creators continuously develop and innovate ransomware attacks, learning how does ransomware get on your computer becomes a must-have knowledge to prepare you once it starts to exploit your computer’s vulnerability.
Ransomware creators use complex sets of evasion techniques so users will have a hard time knowing that they’re being eyed for a ransomware attack. Ransomware is also capable of scrambling all your file names, so it would be more difficult for victims to distinguish the infected files from those which are not.
So How Does Ransomware Get on your Computer?
Ransomware creators use military grade encryption algorithm and pioneering social engineering tricks to exploit potential victims’ computers who lack enough cyber security protection. There are two different primary delivery channels ransomware creators use to establish attacks
Delivery Channel #1: Spam Emails
Spam email campaign is the most typically used method by ransomware creators to send out attacks to potential victims. Ransomware creators design spam emails to look like it is coming from a legitimate email address and even copy the writing voice of the institution or individual the malicious email is trying to imitate. So how does ransomware get on your computer via malicious emails? Let’s find out with this step-by step process.
How Does Ransomware Get on your Computer via Malicious Emails?
The process of how does ransomware get on your computer begins with a malicious email a potential victim will receive (most of the time on his spam inbox). This email contain malicious links or file attachments.
A potential victim lacking of proper knowledge about cyber security will click the malicious link or attachment which will download and install the ransomware to his computer.
Ransomware will now start encrypting all data (videos, images, audio, etc.) saved on the victim’s hard disk and even to other computers that is sharing the same network.
Your screen will now display the “ransom note” that contain the instructions on how and where will you pay the ransomware creator in exchange of the necessary decryption passkey.
Delivery Channel #2: Exploit Kits
Unlike malicious emails, exploit kits don’t need potential victims to click any email or file attachment to spread out ransomware attacks. Exploit kits allow ransomware creators to infect potential victims by the means of a compromised website that they’ve hacked. In exploit kits, ransomware creators upload malicious code to the a compromised website that can exploit vulnerabilities of its visitor’s browser and other software that is currently running on the device.
Let’s see how does ransomware get on your computer via exploit kits.
How Does Ransomware Get on your Computer via Exploit Kits?
Victim will click a malicious ad (a.ka. malvertising) on a legitimate website that directs him to a compromised site
The victim will be directed to a landing page in a compromised website. Ransomware creators typically make these pages look like legitimate websites so your security system will be having a difficult time in detecting the exploit code hidden on that certain landing page.
The exploit kit will now start scanning your operating system and running software (Flash, Java) for any vulnerability it can exploit. If they successfully found any vulnerabilities, the exploit kit will inject a ransomware attack to your computer.
The ransomware will now infect your computer by encrypting all data saved within the computer’s hard disk. A ransom note will be then displayed. This ransom note contains the instructions on how will you pay your attacker.
With ransomware being one most the most dangerous and widely spread malware all over the globe, proper understanding on what it is and what it can do to your computer is a must-have knowledge every computer user should know. Do not let ransomware attack hit you on the face. Act now and know how to prevent and avoid ransomware attacks from happening to not jeopardized your computer system and important data.
Comodo Antivirus Resources