5 Types of Ransomware

January 30, 2023

What Are the Different Types of Ransomware?

Ransomware is a type of malware attack that encrypts a victim’s data and prevents access until a ransom payment is made. Ransomware attackers often use social engineering techniques, such as phishing, to gain access to a victim’s environment.

It’s also important to remember that you’re dealing with cybercriminals, they don’t always follow through with their end of the “deal.”

The most common types include:

1. Crypto Ransomware or Encryptors

Encyrptors are one of the most well-known and damaging variants. This type encrypts the files and data within a system, making the content inaccessible without a decryption key.

2. Lockers

Lockers completely lock you out of your system, so your files and applications are inaccessible. A lock screen displays the ransom demand, possibly with a countdown clock to increase urgency and drive victims to act.

3. Scareware

Scareware is fake software that claims to have detected a virus or other issue on your computer and directs you to pay to resolve the problem. Some types of scareware lock the computer, while others simply flood the screen with pop-up alerts without actually damaging files.

4. Doxware or Leakware

Leakware threatens to distribute sensitive personal or company information online, and many people panic and pay the ransom to prevent private data from falling into the wrong hands or entering the public domain. One variation is police-themed ransomware, which claims to be law enforcement and warns that illegal online activity has been detected, but jail time can be avoided by paying a fine.

5. RaaS (Ransomware as a Service)

Ransomware as a Service (RaaS) refers to malware hosted anonymously by a “professional” hacker that handles all aspects of the attack, from distributing ransomware to collecting payments and restoring access, in return for a cut of the loot.

2023 CrowdStrike Global Threat Report

Download the 2023 Global Threat Report to find out how security teams can better protect the people, processes, and technologies of a modern enterprise in an increasingly ominous threat landscape.

Download Now

Ransomware Examples

Below are just a few examples of some infamous ransomware detected over the last few years:

  • BadRabbit
  • BitPaymer
  • Cerber
  • Cryptolocker
  • Dharma
  • DoppelPaymer
  • GandCrab
  • Locky
  • Maze
  • MeduzaLocker
  • NetWalker
  • NotPetya
  • Petya
  • REvil
  • Ryuk
  • SamSam
  • WannaCry
WannaCry ransom message demanding $600 in bitcoin

WannaCry ransom message

Learn More

Explore some of the most infamous ransomware attacks and the threat actors that operate them. 16 Notorious Ransomware Examples

Ransomware Protection Tips

The following tips are supported by what the CrowdStrike has found to successfully prevent and combat ransomware:

  1. Practice Good IT Hygiene
  2. Improve Resiliency of Internet Facing Applications
  3. Implement and Enhance Email Security
  4. Harden Endpoints
  5. Ransomware-Proof Data with Offline Backups
  6. Restrict Access to Virtualization Management Infrastructure
  7. Implement an Identity and Access Management (IAM) Program
  8. Develop and Pressure-Test an Incident Response Plan
  9. Know When to Ask for Help

Small Business Cybersecurity Survival Guide

Get CrowdStrike’s Small Business Cybersecurity Survival Guide to learn how to identify threats and stop them, even with limited resources.

Download Now