Book Image

Preventing Ransomware

By : Abhijit Mohanta, Mounir Hahad, Kumaraguru Velmurugan
Book Image

Preventing Ransomware

By: Abhijit Mohanta, Mounir Hahad, Kumaraguru Velmurugan

Overview of this book

<p><span id="description" class="sugar_field">Ransomware has turned out to be the most aggressive malware and has affected numerous organizations in the recent past. The current need is to have a defensive mechanism in place for workstations and servers under one organization.</span></p> <p><span class="sugar_field"><span id="description" class="sugar_field">This book starts by explaining the basics of malware, specifically ransomware. The book provides some quick tips on malware analysis and how you can identify different kinds of malware. We will also take a look at different types of ransomware, and how it reaches your system, spreads in your organization, and hijacks your computer. We will then move on to how the ransom is paid and the negative effects of doing so. You will learn how to respond quickly to ransomware attacks and how to protect yourself. The book gives a brief overview of the internals of security software and Windows features that can be helpful in ransomware prevention for administrators. You will also look at practical use cases in each stage of the ransomware phenomenon. The book talks in detail about the latest ransomware attacks involving WannaCry, Petya, and BadRabbit.</span></span></p> <p><span id="description" class="sugar_field">By the end of this book, you will have end-to-end knowledge of the trending malware in the tech industry at present.</span></p>

Related Content you might be interested in

Current Title:

Small book image
Preventing Ransomware
Abhijit Mohanta | Mounir Hahad | Kumaraguru Velmurugan
Mar, 2018 | 266 pages
Small book image
Preventing Digital Extortion
Dhanya Thakkar
May, 2017 | 360 pages
Small book image
Antivirus Bypass Techniques
Nir Yehoshua | Uriel Kosayev
Jul, 2021 | 242 pages
Small book image
Learning Malware Analysis
Monnappa K A
Jun, 2018 | 510 pages
Table of Contents (16 chapters)
Title Page
Title Page
Packt Upsell
Packt Upsell
Contributors
Contributors
Preface
Preface
Free Chapter
1
Malware from Fun to Profit
Malware from Fun to Profit
1. The malware story
2. Windows operating system basics
3. Malware components
4. Types of malware
5. How does antivirus name malware?
6. Summary
2
Malware Analysis Fundamentals
Malware Analysis Fundamentals
1. Static analysis
2. Dynamic or behavior analysis
3. Summary
3
Ransomware Distribution
Ransomware Distribution
1. Attacks through emails
2. Microsoft Word macros
3. Web attacks
4. Lateral movement
5. Botnets and downloaders
6. Summary
4
Ransomware Techniques for Hijacking the System
Ransomware Techniques for Hijacking the System
1. Scareware and rogue security software
2. ScreenLocker ransomware
3. Browser locker
4. Crypto ransomware
5. Ransomware targeting infrastructure
6. Boot ransomware
7. Summary
5
Ransomware Economics
Ransomware Economics
1. Anonymity 
2. Ransomware payment modes
3. RaaS
4. Other forms of ransom
5. Summary
6
Case Study of Famous Ransomware
Case Study of Famous Ransomware
1. Reveton
2. VirLock – the hybrid ransomware
3. GPCODE or PGPCoder
4. CryptoLocker
5. Cryptowall
6. Locky
7. Cerber
8. Petya
9. WannaCry
10. NotPetya
11. BadRabbit
12. Ransomware on Android, macOS, and Linux
13. Summary
7
Other Forms of Digital Extortion
Other Forms of Digital Extortion
1. DoS attacks
2. Data breach attacks
3. Summary
8
Ransomware Detection and Prevention
Ransomware Detection and Prevention
1. Desktop configuration
2. Antivirus
3. Exploit prevention on Windows
4. Anti-bootkit
5. Detection on a network
6. Honeypots
7. Analytics, machine learning, and correlation
8. Data protection
9. Process and compliance
10. Summary
9
Incident Response
Incident Response
1. Isolating the infected machine
2. Notifying the law authorities
3. Contacting the antivirus vendor
4. Help from the web
5. Forensics
6. Summary
10
The Future of Ransomware
The Future of Ransomware
1. The future of malware capabilities
2. Future victims
3. Summary
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think
Index
Index

7. Cerber

Cerber is a crypto ransomware that was widespread like Locky, and was considered to be the twin of Locky. Cerber was also known to be talking ransomware, as it used to read aloud the ransomware warning message. It was spread via an email spam campaign, exploit kits, and via Botnet. Cerber was first seen in May 2015, but it was more prevalent  in 2017.

Several dridex email spam campaigns spread it across the globe, together with Locky or sometimes alone. The emails contained docx attachments posing as invoices. When the victim attempts to read these attachments, he gets a message that the document has a bad encoding. The victim is tempted to enable Word macros. The macros will decrypt the encoded VBScript embedded in it then execute it. The VBScript further downloads Cerber. Cerber was also known to be downloaded from the Rig and magnitude exploit kits.

A newer version of Cerber evaded security solutions by splitting up its code into smaller chunks of code. These smaller chunks were...

Previous Section
End of Section 8
Next Section