Types of Ransomware

May 27, 2021

What is a Ransomware Attack?

A ransomware attack is a type of malware attack that encrypts a victim’s data and prevents access until a ransom payment is made. Ransomware attackers often use social engineering techniques, such as phishing, to gain access to a victim’s environment.

It’s also important to remember that you’re dealing with cybercriminals, they don’t always follow through with their end of the “deal.”

What Are the Different Types of Ransomware?

Ransomware variants takes many forms, below are some of the most common types:

WannaCry ransom message demanding $600 in bitcoin

WannaCry ransom message

Here are the most common types:

1. Crypto ransomware or encryptors are one of the most well-known and damaging variants. This type encrypts the files and data within a system, making the content inaccessible without a decryption key.

2. Lockers completely lock you out of your system, so your files and applications are inaccessible. A lock screen displays the ransom demand, possibly with a countdown clock to increase urgency and drive victims to act.

3. Scareware is fake software that claims to have detected a virus or other issue on your computer and directs you to pay to resolve the problem. Some types of scareware lock the computer, while others simply flood the screen with pop-up alerts without actually damaging files.

4. Doxware or leakware threatens to distribute sensitive personal or company information online, and many people panic and pay the ransom to prevent private data from falling into the wrong hands or entering the public domain. One variation is police-themed ransomware, which claims to be law enforcement and warns that illegal online activity has been detected, but jail time can be avoided by paying a fine.

5. RaaS (Ransomware as a Service) refers to malware hosted anonymously by a “professional” hacker that handles all aspects of the attack, from distributing ransomware to collecting payments and restoring access, in return for a cut of the loot.

Ransomware Examples

Below are just a few examples of some infamous ransomware detected over the last few years:

  • BadRabbit
  • BitPaymer
  • Cerber
  • Cryptolocker
  • Dharma
  • DoppelPaymer
  • GandCrab
  • Locky
  • Maze
  • MeduzaLocker
  • NetWalker
  • NotPetya
  • Petya
  • REvil
  • Ryuk
  • SamSam
  • WannaCry

Learn More

Explore some of the most infamous ransomware attacks and the threat actors that operate them. 12 Notorious Ransomware Examples

Ransomware Protection Tips

The following tips are supported by what the CrowdStrike has found to successfully prevent and combat ransomware:

  1. Practice Good IT Hygiene
  2. Improve Resiliency of Internet Facing Applications
  3. Implement and Enhance Email Security
  4. Harden Endpoints
  5. Ransomware-Proof Data with Offline Backups
  6. Restrict Access to Virtualization Management Infrastructure
  7. Implement an Identity and Access Management (IAM) Program
  8. Develop and Pressure-Test an Incident Response Plan
  9. Know When to Ask for Help

SMB Ransomware Threats

Download this white paper to learn how SMBs can protect against ransomware, prepare for a potential incident, and find help if they’ve experienced a breach

Download Now