5 Most Dangerous Ransomware Strains

New ransomware variants are getting more sneaky and pervasive than ever.

Credit: Ver2exe | Dreamstime.com

Ransomware, the type of nasty, malicious software that locks down a user’s machine and demands a ransom, is increasing in frequency, scale, and sophistication. Nevertheless, the biggest concern and a headache for cybersecurity experts is the fact that ransomware has successfully made its way to businesses.

Research by Bitdefender warns the cost of ransomware attacks has doubled in just a year, as businesses paid hackers around 2 billion dollars in 2017, twice as much compared to 2016.

Last year alone, 69% of companies were hit by a ransomware attack, according to the recent report by Radware. Shockingly, more than half of respondents admitted paying the ransom in the attempt to unlock encrypted business files, despite expert warnings not to do so.

While companies are spending millions responding to ransomware attacks, hackers are pushing their attacks to the next level. Malicious actors are continuously developing strategies to improve existing methods of money extortion, as well as creating new variants of “pseudo-ransomware” to distract the world from greater, more destructive crimes.

Last year saw a number of pretty nasty strains of ransomware. These 5 are some of the scariest.

#1 WannaCry

A new strain of ransomware WannaCrypt (also called WannaCry) that started spreading on May 12, 2017, is considered the biggest ransomware attack in history.

Credit: Benjawan Sittidech | Dreamstime.com

The malicious software infected hundreds of thousands of devices across the world, affecting businesses, as well as public utilities, including banks, telecommunications companies, and hospitals all over the world. Notably, the attack shut down vital medical systems, creating chaos and directly affecting the lives of many patients.

WannaCry targeted a flaw in Windows Server Message Block (SMB) protocol, using an NSA exploit called EternalBlue, which had been leaked just a month before the attack. Once it gained access to Windows computers, it encrypted users’ files before displaying a message demanding a ransom from $300 to $600 for the key to unlocking the data.

The devastating attack was in fact entirely preventable, as a patch for the security loophole from Microsoft had been available two months prior to WannaCry.

#2 Petya/NotPetya

Only a month after WannaCry, another attack exploded, again hitting thousands of organizations and businesses in multiple countries.

Credit: Tainar | Dreamstime.com

Cleverly designed to look like a new version of the infamous Petya ransomware, the malicious software quickly appeared to be a wiper worm with a purpose to permanently destroy users’ data instead of keeping it hostage for a ransom.

The criminals behind this ransomware-like attack employed two previously leaked NSA exploits as well as credential-stealing tools to spread the worm across the network once a computer was infected. The way NotPetya reached Windows computers was via a compromised update for a widely used accounting tool, as well as phishing emails.

#3 Bad Rabbit

As soon as the world finally recovered after the two major attacks, new ransomware dubbed Bad Rabbit hit Eastern Europe and many other countries around the world.

Credit: Pinanatreeangle | Dreamstime.com

This data-encrypting malware spreads through malicious downloads. A malware dropper was injected in some popular websites, patiently waiting for a user to download the malware, disguised as a legitimate Adobe Flash installer.

After a victim installs the malicious file, they find themselves not being able to access their data. Instead, they are lead to a site with a ransom announcement, requesting to pay a certain amount of money within given time.

#4 Locky

Locky is one of the most successful forms of ransomware that keeps reappearing in the cybersecurity world, and each time it returns stronger and sneakier.

Credit: Wutthichai Luemuang | Dreamstime.com

Locky is typically distributed via spam campaigns, as it appears to be one of the easiest and cheapest ways to deliver malware. Once a user follows the urgent request to download an “important” document and enables macros as asked in the message, they will immediately lose access to the contents of their computer and will be demanded to pay a ransom in exchange for the decryption key.

Although the scheme sounds pretty straightforward, you would be surprised how many users tend to fall for phishing scams, opening malicious attachments and extracting zip files.

#5 Jaff

Jaff is a ransomware strain very similar to Locky. At first glance pretty simple, and yet - extremely successful.

Credit: Jozsef Bagota | Dreamstime.com

Mimicking the phishing scheme used by Locky, Jaff employed the Necurs botnet to send malicious emails to potential victims at an impressive speed: approximately 5 million emails in one hour.

Comparing to Locky and other similar ransomware attacks, Jaff can be called an ambitious one. To get their encrypted files back, users were required to pay more $3,000, while others typically ask for a couple of hundred of dollars. And like with any other attack, there’s never a guarantee for victims to receive the decryption key.

Stopping ransomware

While ransomware was the dominant type of cybercrime in 2017, experts warn that this year could be even worse in terms of money and data loss. Therefore, it is extremely important for organizations, as well as individuals to be aware of possible threats and learn how to properly protect themselves.

The first line of defense against ransomware attacks is actually very simple - watch out for phishing scams. To prevent malicious software from getting into your device, you should be careful with suspicious email messages, especially those that ask you to download attachments and enable macros. Never do that!

Next, secure your device. Get a reliable anti-virus software and a VPN. Together they will do a great job of fighting malicious online threats. It’s crucial to do periodic backups of all the important files so you can access them even your computer gets infected with malware.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags infosecransomwareSecurity Watch

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.
Show Comments

Cool Tech

Toys for Boys

Family Friendly

Stocking Stuffer

SmartLens - Clip on Phone Camera Lens Set of 3

Learn more >

Christmas Gift Guide

Click for more ›

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Aysha Strobbe

Microsoft Office 365/HP Spectre x360

Microsoft Office continues to make a student’s life that little bit easier by offering reliable, easy to use, time-saving functionality, while continuing to develop new features that further enhance what is already a formidable collection of applications

Michael Hargreaves

Microsoft Office 365/Dell XPS 15 2-in-1

I’d recommend a Dell XPS 15 2-in-1 and the new Windows 10 to anyone who needs to get serious work done (before you kick back on your couch with your favourite Netflix show.)

Maryellen Rose George

Brother PT-P750W

It’s useful for office tasks as well as pragmatic labelling of equipment and storage – just don’t get too excited and label everything in sight!

Cathy Giles

Brother MFC-L8900CDW

The Brother MFC-L8900CDW is an absolute stand out. I struggle to fault it.

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?