Book Image

Preventing Ransomware

By : Abhijit Mohanta, Mounir Hahad, Kumaraguru Velmurugan
Book Image

Preventing Ransomware

By: Abhijit Mohanta, Mounir Hahad, Kumaraguru Velmurugan

Overview of this book

<p><span id="description" class="sugar_field">Ransomware has turned out to be the most aggressive malware and has affected numerous organizations in the recent past. The current need is to have a defensive mechanism in place for workstations and servers under one organization.</span></p> <p><span class="sugar_field"><span id="description" class="sugar_field">This book starts by explaining the basics of malware, specifically ransomware. The book provides some quick tips on malware analysis and how you can identify different kinds of malware. We will also take a look at different types of ransomware, and how it reaches your system, spreads in your organization, and hijacks your computer. We will then move on to how the ransom is paid and the negative effects of doing so. You will learn how to respond quickly to ransomware attacks and how to protect yourself. The book gives a brief overview of the internals of security software and Windows features that can be helpful in ransomware prevention for administrators. You will also look at practical use cases in each stage of the ransomware phenomenon. The book talks in detail about the latest ransomware attacks involving WannaCry, Petya, and BadRabbit.</span></span></p> <p><span id="description" class="sugar_field">By the end of this book, you will have end-to-end knowledge of the trending malware in the tech industry at present.</span></p>

Related Content you might be interested in

Current Title:

Small book image
Preventing Ransomware
Abhijit Mohanta | Mounir Hahad | Kumaraguru Velmurugan
Mar, 2018 | 266 pages
Small book image
Preventing Digital Extortion
Dhanya Thakkar
May, 2017 | 360 pages
Small book image
Antivirus Bypass Techniques
Nir Yehoshua | Uriel Kosayev
Jul, 2021 | 242 pages
Small book image
Learning Malware Analysis
Monnappa K A
Jun, 2018 | 510 pages
Table of Contents (16 chapters)
Title Page
Title Page
Packt Upsell
Packt Upsell
Contributors
Contributors
Preface
Preface
Free Chapter
1
Malware from Fun to Profit
Malware from Fun to Profit
1. The malware story
2. Windows operating system basics
3. Malware components
4. Types of malware
5. How does antivirus name malware?
6. Summary
2
Malware Analysis Fundamentals
Malware Analysis Fundamentals
1. Static analysis
2. Dynamic or behavior analysis
3. Summary
3
Ransomware Distribution
Ransomware Distribution
1. Attacks through emails
2. Microsoft Word macros
3. Web attacks
4. Lateral movement
5. Botnets and downloaders
6. Summary
4
Ransomware Techniques for Hijacking the System
Ransomware Techniques for Hijacking the System
1. Scareware and rogue security software
2. ScreenLocker ransomware
3. Browser locker
4. Crypto ransomware
5. Ransomware targeting infrastructure
6. Boot ransomware
7. Summary
5
Ransomware Economics
Ransomware Economics
1. Anonymity 
2. Ransomware payment modes
3. RaaS
4. Other forms of ransom
5. Summary
6
Case Study of Famous Ransomware
Case Study of Famous Ransomware
1. Reveton
2. VirLock – the hybrid ransomware
3. GPCODE or PGPCoder
4. CryptoLocker
5. Cryptowall
6. Locky
7. Cerber
8. Petya
9. WannaCry
10. NotPetya
11. BadRabbit
12. Ransomware on Android, macOS, and Linux
13. Summary
7
Other Forms of Digital Extortion
Other Forms of Digital Extortion
1. DoS attacks
2. Data breach attacks
3. Summary
8
Ransomware Detection and Prevention
Ransomware Detection and Prevention
1. Desktop configuration
2. Antivirus
3. Exploit prevention on Windows
4. Anti-bootkit
5. Detection on a network
6. Honeypots
7. Analytics, machine learning, and correlation
8. Data protection
9. Process and compliance
10. Summary
9
Incident Response
Incident Response
1. Isolating the infected machine
2. Notifying the law authorities
3. Contacting the antivirus vendor
4. Help from the web
5. Forensics
6. Summary
10
The Future of Ransomware
The Future of Ransomware
1. The future of malware capabilities
2. Future victims
3. Summary
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think
Index
Index

2. ScreenLocker ransomware

 This ransomware does not encrypt files on the victim's machine. It locks the entire screen and does not permit the victim to do anything else till he pays the ransom. ScreenLocker is normally downloaded from exploit kits, mostly in the recent past.

The following is a list of some of the popular ScreenLocker ransomware:

  • Reveton
  • Urausy
  • Kovter
  • Tobfy
  • Weelsof
  • BlueScreen
  • Koktrom
  • Winlock
  • LockScreen

Details about some of these families will be covered in later chapters.

2.1 How does ScreenLocker ransomware work on Windows OS?

The following points give a brief idea of how the ransomware achieves the screen locking functionality. Some keywords are used that are related to programming:

  • A ransomware can use the EnumWindows() API to find out all windows (GUIs of other processes) after which it puts all the windows in the background. Finally, the ransomware window remains at the top of other windows.
  • Ransomware window covers the full screen.
  • The victim should not be able to resize the window...
Previous Section
End of Section 3
Next Section