Here are the top five ways ransomware can find its way to your system.
1. Malicious email attachments
This classic technique has been very common with many strains of ransomware as it is very easy to create.
2. Compromised websites
Legitimate websites can be compromised through exploit toolkits which will exploit vulnerabilities of Adobe Flash, Oracle Java, Silverlight, and browsers. When a user visits the website, the exploit toolkit will attempt to push the ransomware through vulnerable software. Maisto.com, a toymaker, had their website compromised using this technique in April of this year.
3. Malicious ads exploiting software vulnerabilities
Similar to compromised websites, this technique involves serving malicious ads through ad networks that, when clicked upon, will attempt to exploit a vulnerability in web technologies like browsers, Adobe Flash, etc. As noted by The Guardian in March 2016, ransomware ads were discovered on New York Times, the BBC, and other major websites hitting billions of users.
4. Malicious URLs and social engineering
A simple technique is to trick a user into click on a URL that runs a script to download and run ransomware. With URL shortening services like bit.ly or TinyURL, the actual location can be hidden from the user.
Getting the user to click on the URL can involve social engineering on email, social media, or other forms of communication. The key is to trick the end user into clicking the URL which is an easy task to accomplish.
Worms are self-propagating malware that often use various methods of moving from machine to machine. Worms made big impact in the late 90s and early 00s and included ILOVEYOU, Nimda, Code Red, and Melissa. Ransomware is beginning to employ this approach as seen with ZCryptor which uses fake installers, removable drives, and network drives to spread.
Don’t be ransomware’s next victim! Learn how LANDESK Security Suite (LDSS) can help you maximize protection against threats by delivering multi-layered endpoint protection.