Ransomware is a variant of malicious software that hijacks and blocks the victim's computer system or files, requesting a ransom to recover them again.
The growth of these types of attacks has been spectacularly increased in recent years due to the great ease that cybercriminals have in taking advantage of penguins.
Infection pathways
The infection pathways used by the various types of ransomware do not differ from the other categories of malicious software. The following describes some of the most commonly used infection methods:
Use of spam/phishing messages. Possibly this is the most used infection vector. The use of spam or phishing messages linked to social engineering, so that the user can execute a certain attachment or access a specific URL, is one of the most common techniques to execute any harmful code on the user's computer.
In other cases, less elaborated, the emails directly contain as an attachment to the harmful file itself.
Vulnerabilities in the web browser. In these cases, when the user navigates to certain compromised websites, he redirects the browser to a second harmful site where a “Web Exploit Kit” is installed that will try to exploit some vulnerability of the browser or any of its plugins. That is why it is so important to keep the browser updated.
RDP (Remote Desktop Protocol) services. Systems with predictable passwords or vulnerable to dictionary attacks. Attackers often use automated tools that scan computers massively for services such as Terminal Server.
Subsequently, they will try to access it through commonly used accounts and passwords: admin, Administrator, backup, console, Guest, sales, etc.
I think I am suffering from an infection. What do I do?
If you suspect that after opening an email or accessing a website, your computer slows down or the hard drive indicator LED flashes steadily could be symptoms of a ransomware attack.
When in doubt it is better to turn off the computer and disconnect it from the lan/wifi network. We can get lucky and prevent ransomware from encrypting all computer files, USB storage devices or mapped network drives.
All protection is little
** Zonealarm one more wall of defense against ransomware**
The growth of this type of attack and the disastrous consequences that it causes to the victims of these has made us rethink, further increase the security offered by the Zonealarm anti ransomware, complementing this with software that allows complementing in a very effective to our antivirus service.
Thanks a lot for sharing this great piece of information, it was really helpful and anti rensomware should be tried.