In the past, the word "virus" caused little fear, especially among experienced PC users. Antivirus software handled the overwhelming majority of malicious programs. But with the start of the "cryptocurrency era", new varieties of viruses have appeared that partially or completely encrypt user data and extort a ransom in digital coins for its release. These viruses are very complex and dangerous; even cybersecurity experts are powerless against some of them. In this article, we will talk in detail about what these viruses are and how to protect yourself from them.
- How do the viruses that extort BTC work?
- History of extortion viruses
- List of the most popular extortion viruses
- How to protect your computer?
These Trojans are encrypted files that you can accidentally copy to your computer in several ways:
- by clicking on a suspicious link;
- by downloading a file of questionable origin (only stores and official websites are reliable sources);
- through an infected USB flash drive.
Once the virus is inside the computer, its algorithm opens fraudulent access to the PC. The virus creator then manually starts encrypting the victim's files with an arbitrary generated key known only to him. After that, a message appears on the victim's monitor with a ransom demand and a deadline, set by the fraudster, for meeting it.
It should be noted that there are no methods to combat this type of Trojan. There are only two options left:
- pay the ransom and hope the extortionist is honest;
- format the hard disk, reinstall the operating system and, consequently, lose the unsaved files.
The idea of demanding a ransom to unlock files is not entirely new. In 1989, a couple of decades before Bitcoin appeared, the first large-scale extortion attack took place, carried out with the AIDS virus. This virus was spread on infected disks that were handed out to participants at a medical conference. AIDS worked on almost the same principle, but since it was a pioneer in this field, its modern analogs are much more complex and more refined than their ancestor.
Let's briefly list the best-known Trojans in this area:
This virus is older than Bitcoin: it was first mentioned in 2006, when one of the antivirus laboratories began studying it. Archievus asymmetrically encrypted the data in the "Documents" folder. The victim was asked to pay for so-called "access services" in order to get to his files again. Payment was in fiat money, since cryptocurrency did not yet exist.
These viruses, very popular at the time, got onto a hard drive or SSD and turned the device into a "farm" for cryptocurrency mining. While mining difficulty was not very high, users lost only part of their machine's performance.
This is perhaps the best-known extortion virus of all those listed here. Its activity peaked in May last year, when more than 200,000 PCs were infected in just 24 hours. Residents of Ukraine, India, Taiwan and Russia suffered the most.
The WannaCrypt virus blocks access to private files and asks for a ransom of about 300 to 600 dollars (at the BTC/USD rate in May 2017). There are two ways out: pay or format.
The main "trick" of this virus is that it was created for users of macOS, which was considered "unapproachable" for Trojans. It was released in 2016. It could be picked up by updating the Transmission torrent client. Apple users were asked to pay 1 BTC (only $400 at the time) to unlock their files.
"Bad Rabbit" hit residents of Russia and Ukraine in late October 2017. Using this virus, hackers encrypted the victims' data and demanded a ransom of 0.05 BTC (around $300 at the rate of the time). This virus infected computers in the editorial offices of popular mass media and in state institutions. In general, the hackers tried to strike where data loss would be most painful.
This virus is not an extortionist. It works by replacing a cryptocurrency wallet address in the clipboard. Combojack detects when the user copies a cryptocurrency wallet address and replaces it with another one (belonging to the creators of the virus, of course). Through simple inattention, the victim sends the money to the fraudster's wallet. Cryptocurrency transactions are irreversible, and the attackers count on this.
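The clipboard substitution described above can be spotted by watching for one wallet address being replaced by a different one faster than a person could copy again. This is an added example, not code from the original article; the address patterns are simplified, and the two-second window and the sample clipboard history are assumptions constructed for illustration.

```python
import re

# Simplified address shapes (assumptions for this example, not full validators).
ADDRESS_PATTERNS = {
    "btc-legacy": re.compile(r"^[13][1-9A-HJ-NP-Za-km-z]{25,34}$"),
    "btc-bech32": re.compile(r"^bc1[02-9ac-hj-np-z]{11,71}$"),
    "eth": re.compile(r"^0x[0-9a-fA-F]{40}$"),
}

SWAP_WINDOW_SECONDS = 2.0  # assumed threshold: a person rarely re-copies this fast


def address_kind(text):
    """Return the name of the pattern the clipboard text matches, or None."""
    candidate = text.strip()
    for kind, pattern in ADDRESS_PATTERNS.items():
        if pattern.match(candidate):
            return kind
    return None


def find_swaps(snapshots, window=SWAP_WINDOW_SECONDS):
    """Flag an address replaced by a different address within `window` seconds.

    `snapshots` is a time-ordered list of (timestamp_seconds, clipboard_text).
    """
    alerts = []
    for (t_prev, prev), (t_cur, cur) in zip(snapshots, snapshots[1:]):
        kind_prev, kind_cur = address_kind(prev), address_kind(cur)
        if kind_prev is None or kind_cur is None:
            continue  # at least one side is not a wallet address
        if prev.strip() == cur.strip():
            continue  # same address copied again
        if t_cur - t_prev <= window:
            alerts.append({"time": t_cur, "copied": prev.strip(),
                           "replaced_by": cur.strip(), "kind": kind_cur})
    return alerts


# Constructed clipboard history (made-up strings, not real wallets).
SAMPLE = [
    (0.0, "meeting notes"),
    (10.0, "0x" + "ab" * 20),   # user copies the payee's address
    (10.3, "0x" + "cd" * 20),   # replaced 0.3 s later without user action
    (60.0, "1" + "A" * 30),     # user copies another address
    (300.0, "1" + "B" * 30),    # a different one, minutes later: normal use
]

if __name__ == "__main__":
    for alert in find_swaps(SAMPLE):
        print(alert)
```

Whatever tooling is in place, comparing the pasted address with the original character by character before confirming a transfer remains the final check.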
To avoid becoming a victim of fraudsters, follow these basic rules:
- never download files from untrustworthy sources;
- use only licensed software and
- use a secure connection in the browser;
- purchase a license for a good antivirus;
- periodically (the more often, the better) copy important files to external media.
There are many different viruses on the World Wide Web. Some of them are harmless and cause few problems. But alongside them there are also very complex and dangerous ones that even top specialists in information security cannot cure. Therefore, you need to stay constantly vigilant, use only licensed software and back up important files in a timely manner.