VIRUS PROBLEMS

Malware, short for “malicious Software” is any software used to disrupt computer operation, gather sensitive information, or gain access to a private computer system. Malware is defined by its malicious intent, acting against the wishes of the owner of a computer system. Malware is stealthy, mostly used to steal information or spy on a computer users for an extended period without their Knowledge or it may be designed to cause harm, sabotage or extort payment.

Malware is an umbrella term used to refer to a variety of hostile or intrusive software including

Computer Viruses Worms
Trojan horses
Ransomware Spyware
adware Scareware
and other malicious programs

Spyware or other malware is sometimes found embedded in programs supplied officially by companies, e.g., downloadable from websites, that appear useful or attractive, but may have, for example, additional hidden tracking functionality that gathers marketing statistics. An example of such software, which was described as illegitimate, is the Sony rootkit, a Trojan embedded into CDs sold by Sony, which silently installed and concealed itself on purchasers’ But they have been forced to stop this practice. Software such as anti-virus, anti-malware, and firewalls are used to protect against activity identified as malicious.

Ransomware is another form of Malware or Virus, they are two types of Ransomware

1. Encrypting ransomware
2. Non-Encrypting ransomware

The first known ransomware was the 1989 “AIDS” trojan (also known as “PC Cyborg”) written by Joseph Popp, which triggered a payload claiming that the user’s license to use a certain piece of software had expired, encrypted file names on the hard drive, and required the user to pay US$189 to “PC Cyborg Corporation” in order to unlock the system.

Examples of extortionate ransomware became prominent in May 2005. By mid-2006, worms such as Gpcode, TROJ.RANSOM.A, Archiveus, Krotten, Cryzip, and MayArchive began utilizing more sophisticated RSA encryption schemes, with ever-increasing key-sizes. Gpcode.AG, which was detected in June 2006, was encrypted with a 660-bit RSA public key. In June 2008, a variant known as Gpcode. AK was detected. Using a 1024-bit RSA key, it was believed to be large enough to be computationally infeasible to break without a concerted distributed effort.

Encrypting ransomware returned to prominence in late 2013 with the propagation of CryptoLocker—using the Bitcoin digital currency platform to collect ransom money. In December 2013, ZDNet estimated based on Bitcoin transaction information that between October 15 and December 18, the operators of CryptoLocker had procured about US$27 million from infected users. In turn, CryptoLocker would influence a range of copycats that began to spread in the months following, including CryptoLocker 2.0, CryptoDefense (which initially contained a major design flaw that allowed the private key to be stored on the infected system in a user-retrievable location, due to its use of Windows’ built-in encryption APIs), and the August 2014 discovery of a worm specifically targeting network-attached storage devices produced by Synology.

In August 2010, Russian authorities arrested ten individuals connected to a ransomware worm known as WinLock. Unlike the previous Gpcode worms, Winlock did not use encryption. Instead, WinLock trivially restricted access to the system by displaying pornographic images, and asked users to send a premium-rate SMS (costing around US$10) to receive a code that could be used to unlock their machines. The scam hit numerous users across Russia and neighboring countries—reportedly earning the group over US$16 million.

In 2011, a ransomware worm imitating the Windows Product Activation notice surfaced that informed users that a system’s Windows installation would have to be re-activated due to “[being a] victim of fraud”. An online activation option was offered (like the actual Windows activation process), but was unavailable, requiring the user to call one of six international numbers to input a 6-digit code. While the malware claimed that this call would be free, it was routed through a rogue operator in a country with high international phone rates, who placed the call on hold, causing the user to incur large international long distance charges.

In February 2013, a ransomware worm based on the Stamp.EK exploit kit surfaced; the malware was distributed via sites hosted on the project hosting services SourceForge and GitHub that claimed to offer “fake nude pics” of celebrities. In July 2013, an OS X-specific ransomware worm surfaced, which displays a web page that accuses the user of downloading pornography. Unlike its Windows-based counterparts, it does not block the entire computer, but simply exploits the behaviour of the web browser itself to frustrate attempts to close the page through normal means.

In July 2013, a 21-year-old man from Virginia, whose computer coincidentally did contain pornographic photographs of underage girls with whom he had conducted inappropriate communications, turned himself in to police after receiving and being deceived by ransomware purporting to be an FBI message accusing him of possessing child pornography. An investigation discovered the incriminating files, and the man was charged with child sexual abuse and possession of child pornography.