Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Standard view
Full view
of .
Look up keyword
Like this
0 of .
Results for:
No results containing your search query
P. 1
Sophos Ransom Ware Fake Antivirus

Sophos Ransom Ware Fake Antivirus

Ratings: (0)|Views: 482|Likes:
Published by Yury Chemerkin

More info:

Published by: Yury Chemerkin on Mar 06, 2013
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less





A SophosLabs technical paper -February 2013
ByAnand Ajjan, Senior Threat Researcher, SophosLabs
Next-GenerationFake Antivirus
Ransomware: Next-Generation Fake Antivirus
A SophosLabs technical paper -February 2013
1. Overview
Ransomware is a type o malware which is widely classifed as a Trojan. It restricts accessto or damages the computer or the purpose o extorting money rom the victim. It also hasthe capability to encrypt a user’s fles, display dierent threat messages, and orce the userto pay ransom via an online payment system. There are various types o ransomware, whichwe shall describe in detail in the latter part o this paper. This paper describes in detail ourfndings about the motivations, strategies and techniques utilized in creating and propagatingransomware.
2. Ransomware versus ake antivirus
Ransomware may oten be compared to ake antivirus in the way it operates and themotivation behind it. However, what dierentiates them is the way they manipulate humantendencies and ears; ake antivirus plays on the security ears and calls or the user to takeactions in sel-preservation, whereas ransomware works either as extortion or punishment.According to Google Trends, ransomware has certainly surpassed ake antivirus in terms ouser queries on Google.
fg. 1: Ransomware more popular search term than ake antivirus since late 2011
The graph above shows ransomware has been a more popular search term than akeantivirus since late 2011. This strongly suggests that malware authors fnd ransomwareto be more proftable and convincing than ake antivirus. Another reason or ransoware’ssuccess is the act that the makers o the Blackhole exploit kit include ransomware in theirdistribution system.

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->