AskCyberSecurity.com


Top Five Worst Ransomware Attacks

2018-08-23 by Michelle Dvorak


Recent ransomware attacks are becoming more complex and harder to decrypt. They are also easier to launch and distribute. Global cyber attacks are launched with emails that are personalized to trick the reader. Much of the information used in a targeted spear phishing email attack is gained from social engineering.

What is Ransomware?

Ransomware is a portmanteau of two words, “ransom” and “malware.” Ransomware is a form of malware that infects a laptop, hardware, software, or entire IT system. The hacker who launched the ransomware attack usually takes control of an internet-connected device and blocks all other access to the device or to certain files on it. To return control of the computer, the hacker demands something, usually money, as a ransom. When the hacker’s ransom is paid, control of the computer system is (supposedly) returned to the owner. There is generally a deadline by which the ransom must be paid.

WannaCry

WannaCry was a global ransomware outbreak that struck Europe in 2017. European firms such as FedEx, Portugal Telecom, and Russia’s Megafon were all infected with WannaCry. The entire British healthcare system was locked up by WannaCry. The ransomware also spread to Taiwan.

This malware is based on the United States NSA’s Eternal Blue hacking tool, which was itself hacked and released on the dark web.

WannaCry locked up computers in exchange for $300 in Bitcoin. The malware only made about $50,000.

Locky

Locky is one of the happiest sounding names in ransomware. This variant showed up in 201 and persisted into 2017. It was especially notorious because it was delivered via email in the form of an attached PDF invoice. If the email reader opened the attached file, the ransomware would start installing itself and infecting the machine immediately.

Hollywood Presbyterian Medical Center paid $17,000 ransom money as Bitcoin for a decryption key for patient data. By the time it was over, Locky had infected one million machines!

Petya

Petya was a 2017 ransomware that infected machines in Europe, the United States, and the Middle East, including Spain, Germany, Israel, the UK, and the Netherlands. Russia was hit the hardest. The Ukrainian National Bank, Russia’s state power company, the metro system, and the main airport in Kiev were all affected by the Petya ransomware outbreak. Even Chernobyl’s radiation monitoring system was infected with the malware.

Petya also demanded $300 in Bitcoin to release control of infected machines. However, the ransomware had a fatal flaw. The ransom deposits were all funneled to one email address used for a Bitcoin wallet. That email box was quickly closed down by the email provider, thus making the ransomware pointless.

Petya only affected unpatched Microsoft Windows machines by exploiting Eternal Blue technology.

NotPetya

NotPetya is a variant of Petya malware. It is an especially malicious and nasty kind of ransomware called sabotageware. Most ransomware is out to rake in money for the hacker who created it. In the case of sabotageware, NotPetya was only out to encrypt and destroy files. There was no ransom and no decryption. Like its close malware cousin, Petya, this malware runs a fake CHKDSK display while it begins to encrypt the unsuspecting victim’s files.

It is believed that Russia and Ukraine were the targets of a politically motivated cyber attack.

Bad Rabbit

Bad Rabbit is another ransomware that is a variant of Petya malware. It was targeted at enterprise networks. And you already know that Petya uses the NSA’s Eternal Blue, which was released into the wild by, you guessed it, hackers!

Bad Rabbit’s patience was on a short leash as victims had only 41 hours to transfer 0.5 Bitcoin (which was worth a LOT more at the time) to receive the decryption keys. Fortunately, it was easy to defeat Bad Rabbit proactively, with a few helpful system changes discovered by Kaspersky Labs.

The ransomware was distributed through a fake Adobe Flash update. Russia was hit hardest by Bad Rabbit. There were, however, infections in Ukraine, Turkey, Germany, Poland, South Korea, and the United States.

The best defense is user education. Learn to distinguish a legitimate email from a phishing email. Another important defense against malware is keeping hardware and software updated with the latest security patches.

Filed Under: Malware Tagged With: bad rabbit, Eternal Blue, NotPetya, Petya, ransomware

About Michelle Dvorak

Michelle writes about cyber security and data privacy, focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers.

