You wake up one day, rub the sleep out of your eyes, and boot up your laptop. Expecting to see a Twitter feed or Facebook profile, instead you’re greeted with a big red image, demanding that if you don’t pay €200 to an unknown party in the next 24-hours, everything you know and love on your computer will be erased, and gone forever.
Welcome to the world of “ransomware,” the newest, hottest way that underground criminals are pulling cash from the pockets of innocent victims and using it to fund their clandestine operations. But what exactly is this ransomware stuff, and is there anything you can do to protect yourself against it?
Unlike classical malware that installs keyloggers, backdoors, or trojans on a computer in the hopes that a user would eventually type in the details of a credit card or other personal information that could later be used or sold, CryptoLocker and its many subsequent variants offered a simple, and reliable revenue stream that the underground market could capitalize on to fund other, less-profitable operations.
Amounts demanded for the ransom would vary wildly depending on the criminal ring behind it, anywhere from €25 to €6000, almost always paid either in Bitcoin, or sent through MoneyGram onto untraceable prepaid cards in Eastern European nations.
The threat goes mobile
Not soon after PCs were experiencing a torrent of total lockdowns, both mobile security firms and mobile phone owners were reporting that the threat had migrated onto select pieces of hardware running Google’s Android operating system, and even a few devices in the iOS ecosystem we subjected to similar attacks.
mobile ransomware would work much the same as its bigger cousin, locking down a device entirely, with only a message being displayed that demanded an exorbitant sum be paid within a certain amount of time or the phone would be wiped clean.
Luckily, many of the victims of mobile attacks were relatively safe from harm, as most phones and tablets with Android or iOS automatically back up vital internal data like photos, contacts, notes or texts to cloud services every time the device is plugged in for a charge. Sure, they might have lost a couple songs stored on their SD cards, but other than that, the damage caused by mobile ransomware is significantly less pronounced than what we’ve seen on full-fledged PCs.