What is Ransomware attack; How to prevent it?

By now all of we have heard of the global ransomware attack. It has created a lot of confusions in the mind of computer users. Over 60,000 companies of more than 100 countries have become the victim of this malware. So how this ransomware works and what are the possible solutions……

The term ‘RANSOMWARE’ itself gives the idea of its nature. It is somehow related to some kind of ransom. Yes, exactly it is. It is a type of malware which gets into your computer and locks down all the files. Afterwards it seeks for money from the user in order to get access to the locked files. The recent ransomwares are smarter than ever. It just not only locks down the files rather it encrypts the files which makes it really impossible to crack open the locked files. As a result the users do not have any other way to regain access to their locked files but to pay the money and get the decryption code.

So how does it get into your computer..???
The easiest to get into someone’s computer is through attachments of spam emails or by entering into any unknown link. The extension of these files are different than the conventional files. Usually users turn off the file extensions, so they can not know what kind of file they are clicking on. The virus file pretends like a doc file or any other text file. But if you turn on the file extension of your computer you will see that the file extensions are different. As you click on the file all your data start encrypting and eventually asking you for ransom.

In case if you are interested these are the possible real extensions of ransomware files……( .ecc, .ezz, .exx, .zzz, .xyz, .aaa, .abc, .ccc, .vvv, .xxx, .ttt, .micro, .crypto, _crypt, .crinf, .r5a, .XRNT, .XTBL, .crypt, .R16M01D05, .pzdc, .good, .LOL!, .OMG!, .RDM, .RRK, .encryptedRSA, .crjoker, .EnCiPhErEd, .LeChiffre, .keybtc@inbox_com, .0x0, .bleep, .1999, .vault, .HA3, .toxcrypt, .magic, .SUPERCRYPT, .CTBL, .CTB2, .locky or 6-7 length extension consisting of random characters.)

The recent ransomware which is causing mass loss is known as #WannaCry. This asks for opening a javascript file in your email in the format (.js). So it is now recommended not to open any unknown attachments sent through emails.

How to recover a ransomware infected computer……..?
Well, for now there is no way to open the encrypted files. As I mentioned earlier you have to pay through bitcoins in order to get the decryption code.

Safety measures:
1. Keep your Operating System up to date.
2. Keep you Anti-Virus up to date.
3. Create back up for the most important files either in a secured hard drive or in a secured cloud storage.
4. Do not open any email attachments from unknown senders.
5. Be careful while opening and downloading from any unknowing third party websites.

Stay safe!