Locker ransomware is a type of ransomware that completely blocks access to computer systems. It employs social engineering techniques and compromised credentials to infiltrate systems. Once inside, cybercriminals prevent users from accessing the system until a ransom is paid. Unlike other ransomware variants that encrypt files, Locker ransomware kicks the owner out of their device entirely. Typically, cybercriminals gain access to the owner's system by convincing them to download malware using social engineering tactics.
Crypto ransomware is a prevalent and widespread form of ransomware that primarily aims to encrypt crucial data like documents, pictures, and videos, without disrupting basic computer functions. Users can still view their files but are unable to access them, and a ransom is demanded in exchange for releasing the decryption keys. This type of malware restricts access to a computer until the owner pays the hacker. Typically, hackers execute these attacks by sending infected attachments via email to their targets.
Ransomware as a Service (RaaS) is another form of modern ransomware. It gives cybercriminals with low technical capabilities the opportunity to carry out ransomware attacks. The malware is made available to buyers, which means lower risk and higher gain for the programmers of the software. It is a business model between ransomware operators and affiliates, in which affiliates pay to launch ransomware attacks developed by operators. RaaS can be consider a variation of Software as a Service (SaaS) business model.
Scareware operates by presenting false alarms or fabricated security alerts to users, typically through pop-up messages or deceptive websites. These warnings often claim that the user's device is infected with malware or experiencing critical errors, creating a sense of urgency and prompting the user to take immediate action. In a rush to address the purported problem, users may unknowingly download and install malicious software disguised as legitimate security solutions. This software may then grant cybercriminals unauthorized access to the device, allowing them to steal sensitive information, install additional malware, or carry out other malicious activities. In essence, scareware manipulates users' fears and concerns about their device's security to trick them into unwittingly compromising their own systems.
Extortionware is a variant of ransomware wherein attackers not only encrypt the victim's device but also threaten to expose private information unless a ransom is paid. Once installed, extortionware allows perpetrators to exploit any stored information as leverage against the victim, increasing the pressure to comply with their demands. This dual threat of data encryption and potential exposure amplifies the coercive nature of the attack, compelling victims to act swiftly to mitigate the risk of personal or organizational harm.
More menacing than typical ransomware, doxxing malware not only encrypts files but also threatens to expose sensitive information or personal data of its victims. Perpetrators of doxxware leverage this threat to coerce victims into complying with their demands, putting them at risk of identity theft and even physical harm. The stakes are heightened as the potential consequences extend beyond financial loss to include severe breaches of privacy and security.
Wiper malware poses a more dire threat than traditional ransomware by not only blocking user access but also aiming to obliterate any files it infiltrates. Frequently targeting businesses, this malicious software has the potential to halt operations entirely, causing significant disruptions and financial losses. The destructive nature of wiper malware underscores its severity, as it can inflict irreparable harm to affected organizations.
Mobile deviceransomware can infect Android mobile devices via “drive-by downloads” or fake apps that masquerade as popular services such as Adobe Flash or an anti-virus product.
Ransomware encrypting web servers targets webservers and encrypts a number of the files on it. Known vulnerabilities in the Content Management Systems are often used to deploy ransomware on web services.
Lock Screen Ransomware — WinLocker locks the computer’s screen and demands payment. It presents a full screen image that blocks all other windows. No personal files are encrypted.
