Paper 2019/605

A note on different types of ransomware attacks

Mihail Anghel and Andrei Racautanu

Abstract

Ransomware are malware whose purpose is to generate income for the attacker. The first of these malware made intense use of cryptography, specifically for file encryption. They encrypt some or most files on the computer before asking a ransom for the decryption. Since they appeared, however, ransomware have evolved into different types which fulfill their task in different ways. Some encrypt files and data from the hard drive, others block access to the OS or use private user data to blackmail the user, some aren’t even a real threat, but they scare the user into paying for some fake service or software. The software security industry is well aware of these threats and is constantly analyzing the new versions and types to determine how dangerous they are and to provide an updated protection solution. This article tries to investigate and compare the way these malware work and how they affect the victims computer. Our analysis will provide interesting insight into how they work, it will highlight the particularities of ransomware and will give some information about why some of these malware are more dangerous than others.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Preprint. MINOR revision.
Keywords
ransomwareanalysisinfectioncrypto-ransomwarelocker-ransomware
Contact author(s)
racautanu andrei nicolae @ fenrir info uaic ro
History
2019-06-02: received
Short URL
https://ia.cr/2019/605
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2019/605,
      author = {Mihail Anghel and Andrei Racautanu},
      title = {A note on different types of ransomware attacks},
      howpublished = {Cryptology {ePrint} Archive, Paper 2019/605},
      year = {2019},
      url = {https://eprint.iacr.org/2019/605}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.