How Ransomware Takes your Data
This post is just a information on how hackers using malicious code formly known as ransomware to lock/encrypt all your computer data.
First of all the hacker actually did not really hack your computer, they actually wait for you to make a mistake. Hackers will send as many email to any recepients and wait for them to click on the emails. Normally they will send message say that you win something and can claim the price by clicking on the link they provide. This is the mistake that hacker waiting you to do. That is why you need to be very carefully before clicks on the link from emails. Sometime the link redirect you to malicious website and auto program that will be used by hackers to send command to your computer.
So in summary, this is how Ransomware works.
- You received an infected file(typically attached to an email or an URL). If you click or open the files, you have let malicious code into your computer.
- The hacker received notification said someone already open the files/URL.
- Hacker send command to your computer to encrypt all files in your computer using their encryption key to lock your data.
- Malicious code blocks access to the data in your computer. Without the key, all files on your computer are locked/encrypted.
- In a matter of minutes, your files are locked out of reach.
- A message appear when you try to open a file demanding a ransom to unlock your data.
- Payment in the online currency(Bitcoin) helps hackers cover their tracks.
- Now is the interesting part. If you dont pay - Your encrypted files are lost. If you pay - 2 things will happen, the hacker send you the key to unlock your files and the worst hackers not send you the key to unlock your files.
- Hackers now received your money in crypto currency and hiding in the "Darknet". You will not able to trace who did this.
So this is in summary how ransonware works.