There is little doubt that 2016 will be called the "Year of Ransomware". The attacks have evolved, and one can even find hybrid malware combining ransomware and a trojan doing the rounds on the internet. Ransomware attacks in particular have become more targeted and more expensive. The Bitcoin system, which is not tracked by any financial regulator, is actively helping criminals extort money over the internet. In this article we talk about 5 ransomware strains that became infamous in 2016.
1. Zepto Ransomware
In June 2016, Zepto Ransomware, a new version of the Locky ransomware, was unearthed as its makers unleashed it on users worldwide, affecting computers across the globe. The basic principle of Zepto remains the same as its predecessor's. It works as typical ransomware does, seizing the files on a victim's PC and encrypting them. Its trademark is that it renames the files with its own extension, .zepto, which is why it has become known as the Zepto Ransomware.
2. Cerber3 Ransomware
According to AVG researcher Jakub Kroustek, the Cerber 3 Ransomware is already circulating and claiming victims. As per the findings, Cerber 3 is an advanced malware which, unlike its predecessors, contains certain fixes that prevent malware researchers from decrypting the files. Cerber 3 is being distributed via a Ransomware-as-a-Service scheme and is therefore expected to increase the number of infections across the globe. The ransomware also differs from its predecessors in its mode of distribution: the malicious campaigns spreading Cerber 3 are different from those used for its other variants. As per a report by researchers at the Israel-based security firm Check Point, most Cerber 3 infections at present are in Asia, especially in China and South Korea.
3. FairWare Ransomware
There is a debate over whether FairWare is ransomware in the truest sense or just a scam. It has been specially designed for Linux users: the attackers hack the Linux server, delete the web folder, and then demand a ransom, which has been put at two bitcoins. Only once the demand is met does the user get his/her files back. The attackers also engage in social engineering by sharing an article which quotes the FBI asking users to pay the ransom to get their files back. It is suspected that the attackers are most likely not encrypting the files, as happens with other ransomware. Instead, they are simply uploading them to a server they control.
4. Wildfire Ransomware
A malware by the name of Wildfire Ransomware went on a rampage in 2016. It has been attacking computers everywhere, but in recent days it has taken Belgium and Holland hostage, targeting Dutch and Belgium-based users. It starts with a phishing email containing a malicious attachment. The Dutch cyberspace is flooded with emails meticulously designed for Dutch users. The email claims to be from a transport company. It suggests that the target has missed a parcel delivery and encourages him/her to fill in a form to rearrange delivery for another date. This form is in fact a malicious attachment that drops Wildfire Ransomware onto the victim's system and locks it down. Any victim whose system has been infected by Wildfire ransomware can now simply download the decryptor tool from the No More Ransom website and get back his/her files for free.
5. Petya Ransomware
The PETYA ransomware is one of the recent malware strains that encrypt victims' hard drives until a fee is paid. The advice from the government is not to pay the ransom, and a password generator has been created that lets you decrypt your hard drive for free. With access to a spare machine to read the drive and to the online tool created by Leostone, you could have your data back in seconds.