In recent years it has spread more and more new threat, due to a latest generation malware, which does not cause damage to the affected PC, but creates enormous inconveniences, as it encrypts your personal files, making them incomprehensible and unusable, attacking above all important files for the user and normalizing everything only upon request for payment of a ransom. The name of this threat ransomware, one of the most dangerous malware out there, capable of panicking even the most computer savvy. In this article we will see what are ransomware, how they spread and what to do for remove them without paying avoiding future infections.
Here is a quick index of our article:
What are ransomware
THE ransomware they are particular malware with characteristics similar to trojans and worms (as they spread) whose only purpose is to blackmail the PC owner as messages like:
Do you want to use your favorite programs again? Do you want to access those important files on your hard drive again? You will have to pay (or at least what the bad guys hope) via PayPal or other forms of payment (Bitcoins and other cryptocurrencies are in great demand, due to the difficulty with which it is possible to trace the owner of the virtual wallets).
How ransomware spreads
Pecking a particularly "easy" ransomware, that's why they are among the most widespread threats among modern PCs. The methods by which this type of threat spreads are the following:
- Advertising messages: the most common method for ransowmare; some banners or pop-up pages can carry the infection as soon as they are shown, therefore it is not necessary even to click to infect the PC (for example, open a video and you will find your PC blocked immediately);
- phishing: the second vehicle of infection is certainly phishing via email, where you are invited to visit an infected page for any reason, (often banking or postal problems) by infecting the PCs as soon as the page loading has been completed;
- Via other network PCs: some ransomware have worm characteristics, therefore they spread rapidly through the internal LAN, among all the PCs that show the same vulnerability (as in the case of WannaCry, which exploited a Windows vulnerability to spread quickly);
- Crack and modified software: one of the most "ancient" methods and still widely used to spread malware integrating them into crack, keygen and modified premium programs. The infection in this case is the direct consequence of turning to computer piracy to obtain legally purchasable programs.
The dangers of a ransomware
The dangers of ransomware are numerous, given how this type of malware works. First of all, you risk lose imported documents saved on your PC, until the payment of the ransom or the unlocking of the files through the dedicated tools; then not said that paying solves the problem, because the bad guys hardly respect the agreements freeing the PC from the threat (they can do it, as they can't do it), so you risk losing money and data!
Then let's not forget that since it is malware, it could always hide inside the PC, make us believe that it disappeared and then come back again to look for money and to make us waste a lot of time. As a last threat it should be remembered that some ransomware encrypt files with advanced algorithms, not yet violated by cyber security houses: if the files are encrypted with these methods, you may lose the file or files forever without recovery possibility.
With a ransomware you don't mess around, in these cases it is preferable to really avoid them rather than being in front of them. Below you can find some of the most popular ransomware that have hit PCs in recent years:
- Bitman (TeslaCrypt)
How to avoid ransomware infections
To avoid ransomware infections you can follow simple tips, applicable on any PC.
Enable Defender's anti-ransomware protection
Windows Defender integrated on Windows 10 allows you to protect some folders from the action of ransomware, so that we can protect ourselves in case of encryption. To activate this protection, simply open the Windows Defender Security Center from the Start menu and go to the menu Virus and threat protection -> Ransomware protectionand enable the voice Controlled access to folders.
IObit Malware Fighter 6
The first software instead that I recommend to use to prevent threats from ransomware IObit Malware Fighter 6, available for download from the following link.
DOWNLOAD |IObit Malware Fighter 6
This program boasts an effective anti-ransomware system (available in the Pro version of the program) that prevents the encryption of files and the blocking of PC activities, so as to render completely any type of ransomware and in general any type of malware.
This program is definitely the best system to protect a PC in the hands of an inexperienced user from the attack of ransomware, so as to also avoid the loss of files.
Another way to avoid ransomware infections is to use a complete antivirus that is effective in blocking malicious links and all types of threats before they can do harm; the best free antivirus for Windows 10 currently Kaspersky Free, downloadable from the following link.
DOWNLOAD | Kaspersky Free
How to remove ransomware
To remove a ransomware you can use dedicated tools (starting from the assumption that your antivirus has failed to stop the threat and / or has been deactivated) which can be downloaded free of charge below (you can use them in Safe Mode or from recovery disk):
To unlock the files that have fallen victim to ransomware (they must be treated separately, it is not enough to remove the ransomware to unlock them) you can use the following tools:
I remind you that not all encrypted files can be decrypted in the current state, therefore it is always better to periodically make backup copies so that you can recover files lost due to ransomware.