WELCOME
ON
RANSOMWARE
SEMINAR
RANSOMWARE
• Submitted to:
Dr. R.K. Chauhan
Miss Pooja Ma'am
(Assistant Professor)
• Submitted by:
Komal Rani
Roll no.: 43
Sec.: A (MCA 1st)
6th Oct, 2017
Contents
• What is ransomware?
• Definition of ransomware
• History
• Types of ransomware
• Encryption ransomware
• Lock screen ransomware
• MBR ransomware
• CryptoLocker ransomware
• How to prevent ransomware?
• How to identify ransomware
• Removal – Microsoft procedure
• Delete CryptoLocker hidden files
• Delete temporary files
• Way of payment
• What is Bitcoin?
• Conclusion
• References
What is ransomware?
Ransomware is a type of malware which is widely classified as a Trojan.
It restricts access to or damages the computer for the purpose of extorting money from the victim.
It also has the capability to encrypt a user's files, display different threat messages, and force the user to pay a ransom via an online payment system.
HISTORY
• The first known ransomware was the 1989 "AIDS" trojan (also known as "PC Cyborg") written by Joseph Popp.
• Extortionate ransomware became prominent in May 2005.
• By mid-2006, worms such as Gpcode, TROJ.RANSOM.A, Archiveus, Krotten, Cryzip, and MayArchive began utilizing more sophisticated RSA encryption schemes, with ever-increasing key sizes.
• In 2011, a ransomware worm imitating the Windows Product Activation notice surfaced.
• In February 2013, a ransomware worm based off the Stamp.EK exploit kit surfaced.
• In July 2013, an OS X-specific ransomware worm surfaced.
• CryptoLocker has raked in around 5 million dollars in the last 4 months of 2013.
TYPES OF RANSOMWARE
• Encryption ransomware
• Lock screen ransomware
• Master boot record (MBR) ransomware
• CryptoLocker ransomware
ENCRYPTION RANSOMWARE
Encrypts personal files/folders (e.g. This PC).
Files are deleted once they are encrypted, and generally there is a text file in the same folder as the now-inaccessible files with instructions for payment.
You may see a lock screen, but not all variants show one.
Instead you may only notice a problem when you attempt to open your files.
This type is also called 'file encryptor' ransomware.
LOCK SCREEN RANSOMWARE
'Locks' the screen and demands payment.
Presents a full-screen image that blocks all other windows.
This type is called 'Winlocker' ransomware.
No personal files are encrypted.
Your computer is locked
MBR RANSOMWARE
The Master Boot Record (MBR) is a section of the
computer's hard drive that allows the operating
system to boot up.
MBR ransomware changes the computer's MBR so
the normal boot process is interrupted.
A ransom demand is displayed on screen instead.
CRYPTOLOCKER
• Encrypting ransomware reappeared in 2013.
• Distributed either as an attachment to a malicious e-mail or as a drive-by download.
• Encrypts certain types of files stored on local and mounted network drives using RSA public-key cryptography.
• The private key is stored only on the malware's control servers.
• Offers to decrypt the data if a payment (through either Bitcoin or a pre-paid voucher) is made by a stated deadline.
• Threatens to delete the private key if the deadline passes.
• If the deadline is not met, the malware offers to decrypt data via an online service provided by the malware's operators, for a significantly higher price in Bitcoin.
HOW TO PREVENT RANSOMWARE?
• Keep all of the software on your computer up to date.
• Make sure automatic updating is turned on to get all the latest Microsoft security updates and browser-related components (Java, Adobe, and the like).
• Keep your firewall turned on.
• Don't open spam email messages or click links on suspicious websites. (CryptoLocker spreads via .zip files sent as email attachments, for example.)
• Download Microsoft Security Essentials, which is free, or use another reputable antivirus and anti-malware program.
• If you run Windows 8 or Windows RT, you don't need Microsoft Security Essentials.
• Scan your computer with the Microsoft Safety Scanner.
• Keep your browser clean.
• Always have a good backup system in place, just in case your PC does become infected and you can't recover your files.
HOW TO IDENTIFY RANSOMWARE?
Most commonly, ransomware is saved to one of the following locations:
• C:\ProgramData\(random alphanumerics).exe
• C:\Users\(username)\0.(random numbers).exe
• C:\Users\(username)\AppData\(random alphanumerics).exe
REMOVAL – MICROSOFT PROCEDURE
• The following Microsoft products can detect and remove this threat:
• Windows Defender (built into Windows 8)
• Microsoft Security Essentials
• Microsoft Safety Scanner
• Windows Defender Offline (Some ransomware will not allow you to use the products listed here, so you might have to start your computer from a Windows Defender Offline disk.)
DELETE CRYPTOLOCKER HIDDEN FILES
• Enable the hidden files view from Control Panel.
• Navigate to the following paths and delete all CryptoLocker hidden files:
• For Windows XP:
  C:\Documents and Settings\<your username>\Application Data\RandomFileName.exe
  e.g. {DAEB88E5-FA8E-E0D1-8FCD-BFC7D2F6ED25}.exe
• For Windows Vista or Windows 7:
  C:\Users\<your username>\AppData\Roaming\RandomFileName.exe
  e.g. {DAEB88E5-FA8E-E0D1-8FCD-BFC7D2F6ED25}.exe
  C:\Windows\System32\msctfime.ime
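Added example (not part of the original slides): a Python triage helper that flags executables sitting directly in the drop locations named on the identification and hidden-file slides above. The looks_random heuristic, the user names and the sample paths are constructed assumptions; hits are candidates for review, not confirmed malware.

```python
import re
from pathlib import PureWindowsPath

# GUID-style file name, as in the slide's example {DAEB88E5-...}.exe
GUID_NAME = re.compile(
    r"^\{[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\}$", re.I)
# "0.(random numbers).exe" from the identification slide
ZERO_DOT_NAME = re.compile(r"^0\.\d+$")

# Directories (below the drive root) that the slides name as drop locations.
# "*" stands for any user name. Only files directly inside them are checked,
# so legitimate software installed in deeper subfolders is not flagged.
WATCHED_DIRS = [
    ("programdata",),
    ("users", "*", "appdata"),
    ("users", "*", "appdata", "roaming"),                 # Vista / 7
    ("documents and settings", "*", "application data"),  # XP
]
PROFILE_ROOT = ("users", "*")


def looks_random(stem):
    """Heuristic (an assumption, not from the slides): an alphanumeric name
    of 6+ characters that mixes letters and digits or has almost no vowels."""
    if len(stem) < 6 or not stem.isalnum():
        return False
    s = stem.lower()
    mixed = any(c.isdigit() for c in s) and any(c.isalpha() for c in s)
    vowel_ratio = sum(c in "aeiou" for c in s) / len(s)
    return mixed or vowel_ratio < 0.2


def _matches(dirs, pattern):
    return len(dirs) == len(pattern) and all(
        want in ("*", have) for have, want in zip(dirs, pattern))


def classify(path):
    """Return a short reason string if the path fits one of the slide's
    patterns, otherwise None. Paths are parsed as Windows paths on any OS."""
    p = PureWindowsPath(path)
    if not p.drive or p.suffix.lower() != ".exe":
        return None
    dirs = tuple(part.lower() for part in p.parts[1:-1])  # drop drive + file
    stem = p.stem
    if _matches(dirs, PROFILE_ROOT) and ZERO_DOT_NAME.match(stem):
        return "0.<digits>.exe in user profile root"
    if any(_matches(dirs, watched) for watched in WATCHED_DIRS):
        if GUID_NAME.match(stem):
            return "GUID-named exe in " + p.parent.name
        if looks_random(stem):
            return "random-named exe in " + p.parent.name
    return None


def scan(paths):
    """Return (path, reason) for every path that classify() flags."""
    return [(p, r) for p in paths if (r := classify(p)) is not None]


# Constructed sample listing (for example, the output of a recursive
# directory listing saved from the machine being examined).
SAMPLE_PATHS = [
    r"C:\ProgramData\x7Kq92bTz.exe",
    r"C:\ProgramData\updater.exe",
    r"C:\ProgramData\Package Cache\setup.exe",
    r"C:\Users\alice\0.48213377.exe",
    r"C:\Users\alice\AppData\Roaming\{DAEB88E5-FA8E-E0D1-8FCD-BFC7D2F6ED25}.exe",
    r"C:\Users\alice\AppData\Local\Programs\editor\editor.exe",
    r"C:\Users\alice\AppData\notes.txt",
    r"C:\Documents and Settings\bob\Application Data\qwrtzpsd.exe",
]

if __name__ == "__main__":
    for path, reason in scan(SAMPLE_PATHS):
        print(f"{reason:40} {path}")
```

A dropper with a plausible-looking name such as updater.exe passes this check, so it complements an antivirus scan and does not replace one.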
DELETE TEMPORARY FILES
Finally, delete all files and folders under your TEMP folders:
For Windows XP
– C:\Documents and Settings\<your username>\Local Settings\Temp
– C:\Windows\Temp
For Windows Vista or Windows 7
– C:\Users\<your username>\AppData\Local\Temp
– C:\Windows\Temp
Way of payment
This step can be fairly easy since most ransomware will
display the payment methods in large text or very clear
instructions. Typically there will be a link to instructions
right in the ransomware screen. In other cases you will have
a file named something like
DECRYPT_INSTRUCTIONS.TXT that you can follow.
Regardless of the specific version of ransomware you’ve
been hit with, the payment instructions will give you three
pieces of information:
• How much to pay
• Where to pay
• Amount of time left to pay the ransom (countdown timer)
Once you have the above information, it’s time to figure out
how to pay the ransom.
What is Bitcoin?
Once you have a Bitcoin (or more) in your Bitcoin wallet, now
it’s time to transfer that Bitcoin to the wallet of the
ransomware creator. Typically paying the ransom will require
one or more of the following pieces of information:
• A web address to view your specific ransomware payment
information (this may be a TOR address).
• The hacker’s BTC wallet ID that you will use to transfer the
BTC to.
• Depending on ransomware, the transaction ID or “hash”
generated when you actually transfer the BTC to the hacker’s
wallet.
Example of a Bitcoin wallet string: 19eXu88pqN30ejLxfei4S1alqbr23pP4bd
PAY BTC AND SHOW THE PROOF
CONCLUSION
When it comes to malware attacks, knowledge is the best possible weapon to prevent them. Be careful what you click! Preventive measures should be taken before ransomware establishes a stronghold. Keeping all software updated and getting the latest security updates might help to prevent the attacks. Use of antivirus and original software is highly recommended. Creating a Software Restriction Policy is the best tool to prevent a CryptoLocker infection in the first place in networks.
REFERENCES
• http://www.microsoft.com/security/resources/ransomware-whatis.aspx
• http://www.microsoft.com/security/portal/mmpc/shared/ransomware.aspx
• http://www.sophos.com/en-us/support/knowledgebase/119006.aspx
• http://us.norton.com/ransomware
• http://en.wikipedia.org/wiki/Ransomware
For details on removal and recovery solutions visit:
• http://www.wintips.org/how-to-remove-cryptolocker-ransomware-and-restore-your-files/
• http://www.f-secure.com/en/web/labs_global/removal/removing-ransomware
THANK YOU……….
