Updating pirated adobe software
Instead, Win Lock trivially restricted access to the system by displaying pornographic images, and asked users to send a premium-rate SMS (costing around US) to receive a code that could be used to unlock their machines.
The scam hit numerous users across Russia and neighboring countries—reportedly earning the group over US million.
EK exploit kit surfaced; the malware was distributed via sites hosted on the project hosting services Source Forge and Git Hub that claimed to offer "fake nude pics" of celebrities.
In July 2013, an OS X-specific ransomware Trojan surfaced, which displays a web page that accuses the user of downloading pornography.
In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem – and difficult to trace digital currencies such as Ukash and cryptocurrency are used for the ransoms, making tracing and prosecuting the perpetrators difficult.
Ransomware attacks are typically carried out using a Trojan that is disguised as a legitimate file that the user is tricked into downloading or opening when it arrives as an email attachment.
Unfortunately, cyber criminals have been able to leverage Power Shell for their attacks for years.
In a recent report, the application was found to be involved in nearly 40% of endpoint security incidents.
While some simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion, in which it encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them.
Ransomware attacks are typically carried out using a Trojan, entering a system through, for example, a malicious attachment or embedded link in a Phishing email or a vulnerability in a network service.
The program then runs a payload, which locks the system in some fashion, or claims to lock the system but does not (e.g., a scareware program).
While the malware claimed that this call would be free, it was routed through a rogue operator in a country with high international phone rates, who placed the call on hold, causing the user to incur large international long distance charges.
In February 2013, a ransomware Trojan based on the Stamp.A key element in making ransomware work for the attacker is a convenient payment system that is hard to trace.A range of such payment methods have been used, including wire transfers, premium-rate text messages, The first known malware extortion attack, the "AIDS Trojan" written by Joseph Popp in 1989, had a design failure so severe it was not necessary to pay the extortionist at all.The concept of file encrypting ransomware was invented and implemented by Young and Yung at Columbia University and was presented at the 1996 IEEE Security & Privacy conference.