Ransomware - Paying For Your Own Files

Most people know that viruses can damage their computer. The extent of the damage may range from just an inconvenience to completely destroying your hard drive. Other types of malware such as spyware or adware can infiltrate machines and use them to collect information and tie up system resources. But have you heard about viruses that can infect your computer and then attempt to actually extort you?

It’s called ransomware. Essentially, it works by holding your data hostage and requiring you to make a payment to regain access to it. Unlike traditional viruses that just wipe out data, ransomware makes encrypted copies of your data and then erases the original data. In order for your computer to be able to access these files, it needs the encryption code. If you try to access such data on your computer, you’ll be prompted with a message reading something like the following:

Your files have been fully encrypted with a sophisticated algorithm. To gain access to these files, you’ll need to purchase our decrypting tool, which you can buy at xxx

In some cases you are directed to pay directly for this decryption software, but in others you have to make several purchases at other websites. No matter what the details, the fact remains that you will be asked to pay money for access to your own files. So, what should you do in this situation? Well, you have two options.

1. Agree to the terms and pay the ransom.
2. Find a way around the ransomware and recover as much data as possible.

Paying the Ransom
Aside from having to admit defeat to the criminals, there are several possible problems associated with deciding to pay to get your files back. First of all, you’ll have to reveal your payment information to these criminals. Who’s to say they won’t use it to further steal from you? Second, what guarantee do you have that you will actually be given access to your files if you do choose to pay?

Try to Crack the Code
Obviously the more desirable solution, getting around the ransomware and decoding the encryption code might be difficult, but it is not impossible. The first versions of ransomware that came out had very weak encryption, making the codes fairly easy to break. Gaps in their programming made them vulnerable to reverse engineering, which could decipher the code. The latest version of ransomware uses the RSA-1024 encryption algorithm, which is very advanced and difficult to crack, even for the most skilled programmers.

Reformatting
If all else fails, you can always reformat your computer. The obvious downside to this is that you will lose all of your data, and your computer will be restored to how it was the first day you booted it up. The upside is that you will also effectively delete the ransomware that is holding your computer hostage.

Try to Find the Code
Although the very latest version of this malware has yet to be hacked, that doesn’t necessarily mean that previous versions haven’t had their encryption codes available online. You should definitely do a Google search for the name of your particular virus and see what comes up. You might just find instructions on how to unlock your data yourself.

Restore from a Back-up
Depending on how long it has been since your last data backup, you might be able to use the backed-up data to restore your computer and rid it of the annoying ransomware. However, any data created since the last backup will be lost. Also, even if a restore is successful, it’s important to remember that your computer is back to being as vulnerable as it was before it received the infection, so you should consider enhancing your system’s security.


This entry was posted on Sunday, September 14th, 2008 at 4:14 am and is filed under Information.

