Top 10 Cryptoware Types


August 1, 2016 03:00 PM

 

1. Locky

Locky propagates through spam emails with infected files, and changes all file extensions to .locky.

2. Samas

Samas exploits webserver’s vulnerabilities to then spread inside the network

3. Petya

Petya propagates via phishing and introduces a new method of overriding hard drive MBR.

4. Cerber

Cerber masquerades itself as an Adobe Flash player update, impersonating to a Windows executable to pop up in the next reboot.

5. BART

BART – an evolution of Locky from the same creators, distributed through spam email after locky has become well known. BART does not encrypt the files, but creates a password protected archive

6. CTB Locker

CTB Locker – spreads via customized deceptive emails. It can encrypt several machines within the same network, and also features a mechanism of recognizing malware analysis programs in order to avoid them (it simply won’t be triggered)

7. CryptXXX

CryptXXX – spreads via spam emails. Scans files and adds the .crypt extension. 2.0, 3.0. and 4.0 versions feature immunity against free decryption tools, thus more victims tend to pay the ransom.

8. Unlock 92

Unlock 92 – using RSA-2048 algorithm to encrypt files. Communicates in Russian only. In many cases did not unlock the files though payment was received

9. TeslaCrypt

TeslaCrypt - It is typically exploits Adobe vulnerabilities and uses an AES algorithm to encrypt files.

10, Jigsaw

Jigsaw – after encrypting the files, begins deleting them in bulks every hour until the ransom is paid (or all at once after 72 hours)

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Locations
Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support

Get Social

Connect with experts and join the conversation about Radware technologies.

Radware Blog
Security Research Center