Thursday, March 9, 2017

Evolution of Ransomware: Part III

  • MBR Ransomware 

   

It goes one step farther than the other three types mentioned above in terms of how the computer is locked.
MBR Ransomware can change your computer's Master Boot Record (MBR) and interrupts the normal boot process.
The MBR is a partition on your computer's hard drive that allows the operating system to load and boot.
MBR Ransomware may look scary, but this type of infection can easily be removed. The ransom message often says that the files have been encrypted, but in reality, they are not.

  • File Encryptors

This kind of ransomware can encrypt your personal files and folders using complex encryption algorithms to make your computer’s data unusable.
The malware author then demands that you pay for the decryption key using one of the online payment systems mentioned above.
The ransomware often leaves a file (or a “ransom note”) on the victim’s machine with payment instructions. This type of ransomware may or may not lock your screen.

(continued in next post...) 

at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Operating system - Part 1:

 In our blog, we published several articles on OS concepts which mostly on the perspective for malware analysis/security research. In few in...