AskCyberSecurity.com


Top Five Worst Ransomware Attacks

2018-08-23 by Michelle Dvorak

Recent ransomware attacks are becoming more complex and harder to decrypt. They are also easier to launch and distribute. Global cyber attacks are launched with emails that are personalized to trick the reader. Much of the information used in a targeted spear phishing email attack is gained from social engineering.

What is Ransomware?

Ransomware is a portmanteau of two words, “ransom” and “malware.” Ransomware is a form of malware that infects a laptop, hardware, software, or entire IT system. The hacker who launched the ransomware attack usually takes control of an internet-connected device and blocks all other access to the device or to certain files on the device. To regain control of the computer, the owner must meet the hacker’s demand, usually money as a ransom. When the hacker’s ransom is paid, control of the computer system is (supposedly) returned to the owner. There is generally a deadline by which the ransom must be paid.

WannaCry

WannaCry was a global ransomware outbreak that struck Europe in 2017. European firms such as FedEx, Portugal Telecom, and Russia’s Megafon were all infected with WannaCry. The entire British healthcare system was locked up by WannaCry. The ransomware also spread to Taiwan.

This malware is based on the United States NSA’s Eternal Blue hacking tool, which was itself hacked and released on the dark web.

WannaCry locked up computers in exchange for $300 in Bitcoin. The malware only made about $50,000.

Locky

Locky is one of the happiest sounding names in ransomware. This variant showed up in 201 and persisted into 2017. It was especially notorious because it was delivered via email in the form of an attached pdf invoice. If the email reader opened the attached file, the ransomware would start installing itself and infecting the machine immediately.

Hollywood Presbyterian Medical Center paid a $17,000 ransom in Bitcoin for a decryption key for patient data. By the time it was over, Locky had infected one million machines!

Petya

Petya was a 2017 ransomware that infected machines in Europe, the Middle East, Spain, Germany, Israel, the UK, the Netherlands and the United States. Russia was hit the hardest. The Ukrainian National Bank, Russia’s state power company, the metro system, and the main airport in Kiev were all affected by the Petya ransomware outbreak. Even Chernobyl’s radiation monitoring system was infected with the malware.

Petya also demanded $300 in Bitcoin to release control of infected machines. However, the ransomware had a fatal flaw. The ransom deposits were all funneled to one email address used for a Bitcoin wallet. That email box was quickly closed down by the email provider, thus making the ransomware pointless.

Petya only affected unpatched Microsoft Windows machines by exploiting Eternal Blue technology.

NotPetya

NotPetya is a variant of Petya malware. This ransomware is an especially malicious and nasty version of ransomware called sabotageware. Most ransomware is out to rake in money for the hacker who created it. In the case of sabotageware, NotPetya was only out to encrypt and destroy files. There was no ransom and no decryption. Like its close malware cousin, Petya, this malware runs a fake CHKDSK display while it begins to encrypt the unsuspecting victim’s files.

It is believed that Russia and Ukraine were the targets of a politically motivated cyber attack.

Bad Rabbit

Bad Rabbit is another ransomware that is a variant of Petya malware. It was targeted at enterprise networks. And you already know that Petya uses the NSA’s Eternal Blue, which was released into the wild by, you guessed it, hackers!

Bad Rabbit’s patience was on a short leash as victims had only 41 hours to transfer 0.5 Bitcoin (which was worth a LOT more at the time) to receive the decryption keys. Fortunately, it was easy to defeat Bad Rabbit proactively, with a few helpful system changes discovered by Kaspersky Labs.

The ransomware was distributed through a fake Adobe Flash update. Russia was hit hardest by Bad Rabbit. There were, however, infections in Ukraine, Turkey, Germany, Poland, South Korea, and the United States.

The best defense is user education. Learn to distinguish a legitimate email from a phishing email. Another important defense against malware is keeping hardware and software updated with the latest security patches.


About Michelle Dvorak

Michelle writes about cyber security and data privacy, focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers.

