2015 in review: the heartbreaking ransomware
The old saying goes: It turns out that ransomware will also make people face-to-face, because even the FBI is helpless. The FBI has publicly stated that the smartest choice after a ransomware infection is to pay as demanded. Below is a summary of the heartbreaking ransomware that emerged in 2015. The New Year has already begun. I hope you are never infected with any of this ransomware, and that everything goes well!

1. TeslaCrypt

TeslaCrypt ransomware targets players on major gaming platforms, including Call of Duty, Diablo, rest of life, Minecraft, Warcraft, F.E.A.R., Assassin's Creed, Resident Evil, World of Warcraft, League of Legends, and World of Tanks. TeslaCrypt uses the Flash Player vulnerability (CVE-2015-0311) or an old IE browser vulnerability to implant the ransomware into the target system. The victim's files are then encrypted and held for ransom.

2. Pacman

Pacman is a relatively tricky ransomware. Unlike other phishing emails, its sender claims to have just moved to the area and to be looking for a masseuse. The email also contains a link that the sender says points to a medical image file but that in fact points to the ransomware. This malware is difficult to remove because it can kill processes and disable the Windows Task Manager.

3. TOX

TOX is the first tool to apply the business model of ransomware in a new way. The tools used to build and operate Tox ransomware are free of charge; however, the website hosting the ransomware charges 20% of the profits. TOX ransomware is not complex and is easy to use. The user only needs to register on the Tox website (the website uses the Tor network), enter the ransom amount to be requested from the victim, send out the standard ransomware provided by the system, and supply the address for receiving bitcoin payments.

4. Chimera

Chimera emerged for the first time in May, but its ransomware business model has already been launched, collecting 50% of the customer's profits. Interestingly, the ransomware operators it recruits are primarily victims. Chimera is also mainly transmitted via email and is written for the .NET Framework. Analysis showed that the first stage of the malware only decrypts and extracts the code of the second stage and does not execute any malicious functions. In the second stage, the run_pe() function calls fnDllEntry() through metadata reflection. In the third stage, the core features of the malware begin to emerge.

5. Cryptowall

Cryptowall is a family of malicious ransomware that immediately encrypts all files on the machine once a victim is infected. The infection can reach a victim's machine through seemingly legitimate attachments or through malicious programs on the hard disk itself. Cryptowall has been updated repeatedly since its appearance in 2013 and has so far reached Cryptowall 4.0. This version of Cryptowall integrates with the Nuclear exploit kit, the most powerful exploitation tool on the underground market.

6. Koler

Koler is a mobile phone ransomware. When a mobile phone user visits an adult website, the phone is infected with the malware and held for ransom. The ransomware exploits the victim's shame: if the victim does not pay the ransom, the attacker will send messages about the victim's browsing of the adult website to all contacts on the mobile phone.

Although we have listed the ransomware above, we do not want you to use it. I advise you to be a good law-abiding citizen, so you will be happy to go home for years.