
Ransomware: The offenders of the new millennium

By Chandan Singh, May 22, 2017

The ransomware WannaCry broke new ground in showing how digitally vulnerable we are, using the NSA's malware to infiltrate MS Windows and possibly holding an unreleased Disney film to ransom. Last year, ransomware extorted over $1 billion from victims. ET Publication examines the extortionists of the new millennium.


The current attack by ransomware WannaCry is definitely the worst ever, with more recent versions appearing even as solutions are found to deal with existing types.

* It surfaced on May 12, exploiting a weakness in older versions of Windows, especially Windows XP, locking computers and servers and demanding payment to unlock them.

* The Windows weakness was first found by the US surveillance agency NSA. Tools developed by the NSA were outed by the hacking group Shadow Brokers in mid-2016. The WannaCry creators used these tools to penetrate Windows.

* A kill switch for WannaCry became available by accident, but later versions that correct this weakness seem to have been launched.

* The ransomware demands payment in bitcoins, equivalent to $300-600. More than 200,000 computers/servers were affected in 150 countries.

Lazarus Group

A North Korea-based cybercrime group is suspected of perpetrating the WannaCry strike. It has been associated with Operation Troy, which targeted the South Korean authorities in 2009-12, the strike on Sony Pictures in 2014 and the Bangladesh Bank recording

Rogues gallery: Cyber extortionists

AIDS Trojan malware
The first recorded ransomware attack was in 1989 and was distributed on floppy disks sent via post. These supposedly assessed a person's likelihood of contracting AIDS but carried a virus that locked the data once the PC had restarted 90 times. It then demanded payment of $189 or $378 to be delivered to a PO Box in Panama.

The most dominant ransomware and probably the most damaging to date. It damaged 250,000 systems between September and November 2013 and made $3 million for its creators. In 2014, the Gameover Zeus botnet, which was behind CryptoLocker, was destroyed in a concerted global operation.


By February 2016, Locky had replaced Cryptowall as the most actively spread ransomware.

TeslaCrypt or Alpha Crypt
This demanded payments in bitcoins as well as through conventional platforms like PayPal. It is said to have extorted over $70,000 in 2015.

In March 2016, it emerged as a much more complex version of ransomware encrypting the master file table, rendering the computer system unusable.

A later ransomware that deletes a large number of files for every hour that the ransom is not paid.

The malware primer

Malware: Short for malicious software, which is employed to disrupt a computer's operation in order to gain information or steal money.

Ransomware: Software programs or malware that deny access to data and information on a system. Generally, they demand a payment to undo these changes. Ransom amounts averaged around $300 over the previous decade but are now hovering around the $500 mark. Frequently, the demand is doubled when it is not met by the deadline.

Botnet: A bot, or web robot, is malware that allows an attacker to take over a computer. A PC taken over by a bot is often referred to as a zombie computer. A botnet is a network of such computers.

DDoS: Distributed Denial of Service is called the older cousin of ransomware. In it, hackers overwhelm a machine or a server with traffic from multiple compromised systems. A DDoS attack struck the web servers of Dyn, which handles most of the domain name system (DNS) infrastructure, in 2016.

Famous victims of WannaCry

* French car manufacturer Renault, the UK's National Health Service and Russia's Interior Ministry.

* Disney CEO Robert Iger said a hacker group has threatened to release one of the upcoming movies (suspected to be the new Buccaneers of the Caribbean or Cars 3) unless a ransom is paid in bitcoins. It is not clear if it is the same hacker group lurking behind WannaCry.

* The Tirupati Temple Trust reported that a number of its computer systems were damaged by WannaCry as was the Andhra Pradesh Police.

