Ransomware
is on the rise these days. It can hold your computer and your data
hostage with the threat of losing your data for good unless the ransom
demand is paid. You should never pay these criminals a dime because
doing so only encourages them to continue pulling this scam on more
victims. Unless you’ve gotten hit by one of the really nasty varieties
such as CryptoLocker, there is still a good chance that your data can be saved without resorting to paying the ransom.
In this article, we’re going to talk about a variety of
ransomware that doesn’t encrypt your files but locks you out of your
system by not allowing you to use your operating system's user
interface. This is known a Screen Locking Ransomware. We'll talk about
that in a minute, first, Let's look at the other different types of
ransomware.
What Kind of Ransomware is Infecting My System?
There
are several different types of ransomware, some more nasty than others.
Some can be removed without incident and some can make it nearly
impossible to regain your data, Here are some of the main sub-types of
ransomware that you're likely to encounter:
File-encrypting Ransomware:
This
is the most feared type of ransomware because it keeps its promise of
encrypting your files making them unusable until the encryption key is
provided.
If you backup your data on a regular basis, then you
won’t have to worry about your files being encrypted because you have a
backup of them which is safe and sound in a cabinet somewhere in your
residence. Having a backup of your data is critical to ensuring that the
ransomware crooks don’t have the only copy of your files.
There are some kinds of encrypting ransomware that can be cured.
Check out the links at the bottom of this article for some tools that
may help.
Ransom Scareware
This is one of
the milder forms of ransomware with the greatest chance of being able to
be removed from your system by anti-malware products.
These types of ransomware are a form of scareware
and will typically make threats that they are going to do something to
your system, but won’t actually do anything to your data besides make it
difficult to access it via the operating system.
Usually this
type of ransomware can be removed by anti-malware or by moving the
infected drive to another (non-infected) computer and accessing the data
form another OS as a non-bootable drive.
Screen Locking Ransomware
Unlike
some other forms of ransomware that holds access to data hostage ,
screen locking ransomware holds the entire operating system interface
hostage.making it seemingly impossible to manipulate the operating
system in any way. It will offer to unlock the system once a fee (the
ransom) is paid.
An example of this type of ransomware would be the FBI Ukash MoneyPak ransomware (see this article from the BitDefender blog for more information on it)
How Can I Remove Ransomware if my computer is Infected With it?
There are several tools that can be used to remove many of the different types of ransomware. Some of these tools include:
Trendmicro's Ransomware Removal Tool - ransomware targeting removal tool available for Windows-based PCs.
Kaspersky's Ransomware Decryptor Site (able to decrypt some types of of ransomware such as CoinVault).
Hitman Pro Kickstart - a bootable anti-ransomware tool from SurfRight.
By Andy O'Donnell
Security Expert