Ransomware ayaa maalmahan noqday khatar ba'an oo ku soo wajahan adduunka khadka tooska ah. Shirkado badan oo software, jaamacado, shirkado, iyo ururo aduunka oo dhan ah ayaa isku dayaya inay qaadaan tillaabooyin taxadar leh si ay naftooda uga badbaadiyaan weerarada madax furashada. Dowladaha Mareykanka iyo ^(United) Kanada^(States) ayaa soo saaray bayaan wadajir ah oo ku saabsan weerarrada ransomware iyagoo ku boorriyay isticmaaleyaasha inay feejignaadaan oo ay taxaddaraan. Dhawaan Maajo 19-keedii ^{(May 19),} dawladda Switzerland waxay xustay Maalinta Macluumaadka Ransomware^{(Ransomware Info Day)} , si loo faafiyo wacyiga ku saabsan madax-furashada iyo saameyntiisa. Ransomware gudaha Hindiya sidoo kale wuu sii kordhayaa.

Microsoft ayaa dhawaan daabacday xog sheegeysa inta makiinadaha (isticmaala) ay saameeyeen weerarrada madax-furasho ee adduunka oo dhan. Waxaa la ogaaday in Maraykanku^(United) uu ugu sarreeyay weerarrada madax-furashada ; ^(States)waxaa ku xiga Italy iyo Canada . Waa kuwan 20ka waddan ee sida weyn u saameeyay werarada madaxfurasho.

Halkan waxaa ah qoraal faahfaahsan oo ka jawaabi doona inta badan su'aalahaaga ku saabsan ransomware. Maqaalkani waxa uu eegi doonaa Waa maxay Weerarada Ransomware, Noocyada ransomware, Sidee ransomware-ku ku dhacaa kombayutarkaaga oo uu soo jeedinayaa siyaabaha wax looga qabto ransomware.
^{(Here is a detailed write-up that will answer most of your questions regarding ransomware. This post will take a look at What are Ransomware Attacks, the Types of ransomware, How does ransomware gets on your computer and suggests ways of dealing with ransomware.)}

Weerarrada Ransomware

Waa maxay Ransomware

Ransomware waa nooc ka mid ah malware kaas oo xira faylashaada, xogtaada ama kombayutarka laftiisa oo kaa qaada lacag si aad u hesho. Tani waa hab cusub oo ay qorayaasha malware-ku 'lacag ugu ururiyaan' hawlahooda sharci-darrada ah ee shabakadda.

Sidee ransomware-ka ugu soo dhacaa kombiyuutarkaaga

Waxaad heli kartaa ransomware haddii aad gujiso xiriir xun ama aad furto lifaaq email xaasid ah. Sawirkan laga helay Microsoft waxa uu sharaxayaa sida caabuqa ransomware u dhaco.

Ransomware wuxuu u eg yahay barnaamij aan waxba galabsan ama plugin ama iimaylka wata lifaaq 'nadiif' ah oo la rakibay iyada oo aan la ogeyn isticmaaluhu. Isla marka ay hesho marinkeeda nidaamka isticmaalaha, waxay bilaabataa inay ku faafto nidaamka oo dhan. Ugu dambeyntii, hal mar, ransomware-ku wuxuu xiraa nidaamka ama faylalka gaarka ah wuxuuna xaddidaa isticmaalaha inuu galo. Mararka qaarkood, faylashan waa la sir ah. Qora madaxfurasho wuxuu dalbanayaa lacag go'an si uu u bixiyo gelitaanka ama furdaminta faylalka.

Fariinta digniinta been abuurka ah ee ransomware-ku waxay u eegtahay sidatan:

Si kastaba ha ahaatee, inta lagu jiro weerarrada madaxfurasho, ma jirto dammaanad qaadka in isticmaalayaashu ay dib u heli doonaan faylalkooda xitaa ka dib bixinta madaxfurashada. Sidaa darteed^(Hence) , way fiicantahay inaad ka hortagto weerarrada ransomware intii aad isku dayi lahayd inaad xogtaada si uun uga soo celiso. Waxaad isticmaali kartaa RanSim Ransomware Simulator si aad u hubiso in kombayutarkaagu si ku filan loo ilaaliyo.

Akhri^(Read) : Maxaa la sameeyaa ka dib marka Ransomware lagu weeraro kombiyuutarkaaga Windows?^{(What to do after a Ransomware attack on your Windows computer?)}

Sida loo garto weerarrada ransomware

Madax furashada guud ahaan waxay weerartaa xogta gaarka ah, sida sawirada isticmaalaha, dukumeentiyada, faylasha, iyo xogta. Way fududahay in la aqoonsado ransomware-ka^{(identify the ransomware)} . Haddii aad aragto qoraal madaxfurasho ah oo dalbanaya lacag si aad u geliso faylalkaaga, ama faylalka sir ah, faylasha la beddelay, browserka qufulan ama shaashad quful ah ee PC gaaga, waxaad odhan kartaa ransomware ayaa qabsaday nidaamkaaga.

Si kastaba ha ahaatee, calaamadaha weerarrada ransomware way isbedeli karaan sida noocyada ransomware.

Akhri^(Read) : Khariidadaha Tracker-ka Malware kaas oo kuu ogolaanaya inaad aragto Weerarada Cyber^{(Cyber Attacks)} ​​​​waqtiga dhabta ah.

Noocyada weerarada ransomware

Horaantii, ransomware waxa loo isticmaalay in lagu soo bandhigo fariin sheegaysa in isticmaaluhu uu sameeyay wax sharci darro ah oo ay ku ganaaxayaan booliiska ama hay'adda dawladda iyada oo loo eegayo siyaasadda qaarkood. Si meesha looga saaro 'dacwooyinkan' (kuwaasi oo xaqiiqdii ahaa eedeymo been abuur ah), isticmaalayaasha waxaa la weydiistay inay bixiyaan ganaaxyadan.

Maalmahan, madax furasho ayaa laba siyaabood u weeraray. Waxay xirtaa shaashadda kumbuyuutarka ama waxay ku xafiddaa faylal gaar ah oo sirta ah. Iyada oo ku saleysan labadan nooc, ransomware-ku wuxuu u qaybsan yahay laba nooc:

1. Shaashada quful ransomware
2. Sirta ransomware

Shaashada quful ransomware^{(Lock screen ransomware)} waxay qufulaysaa nidaamkaaga oo waxay ka dalbanaysaa madax furasho si ay kuugu ogolaato mar labaad. Nooca labaad, sida ransomware-ka Encryption^{(Encryption ransomware)} , wuxuu beddelaa faylalka nidaamkaaga oo wuxuu dalbanayaa lacag si uu mar kale u furfuro.

Noocyada kale ee ransomware waa:

1. Diiwaanka Boot Master^{(Master Boot Record)} (MBR) ransomware
2. Ransomware oo siraysa server-yada shabakadda
3. Qalabka moobilka ee Android
4. IoT ransomware .

Waa kuwan qaar ka mid ah qoysaska ransomware iyo tirakoobkooda weerarrada:

Sidoo kale, u fiirso koritaanka Ransomware iyo tirakoobka caabuqa.

Yaa ay saameyn karaan weerarrada madaxfurasho

Dhib ma leh meesha aad joogto iyo aaladda aad isticmaalayso. Ransomware wuxuu weerari karaa qof kasta, wakhti kasta iyo meel kasta. Weerrarada madaxfurasho waxay ka dhici karaan qalab kasta oo gacanta ah, PC ama Laptop-ka marka aad internet-ka u isticmaalayso surfing, iimaylka, shaqada, ama wax-ka-iibsashada onlaynka. Marka ay hesho waddo loo maro aaladda gacanta ama kombayutarka, waxa ay adeegsan doontaa sirta iyo xeeladaha lacag-ururinta ee kombayutarkaas iyo moobilka.

Marka ransomware heli karo fursad uu ku weeraro

Haddaba waa maxay dhacdooyinka suurtagalka ah marka ransomware uu garaaci karo?

• Haddii aad baadhayso mareegaha aan la aamini karin
• Soo dejinta ama furitaanka lifaaqyada faylka laga helay iimaylo soo diray aan la garanayn (imaylka spam). Qaar ka mid ah kordhinta faylka ee lifaaqyadan waxay noqon karaan, (.ade, .adp , .ani , .bas , .bat , .chm , .cmd , .com , .cpl , .crt , .hlp , .ht, .hta , .inf , .ins^(.isp) , .isp^(.job) , .shaqo, .js , .jse , .lnk , .mda , .mdb , .mde , .mdz , .msc ..msi , .msp , .mst , .pcd , .reg , .scr , .sct , .shs , .url , .vb^(.pif) , .vbe , .vbs , .wsc , .wsf^(.exe) , .wsh^(.wsf) , pif^(.wsh) , .) Sidoo kale wuxuu fayl-gareeyaa noocyada taageera macros (.doc, .xls , .docm , .xlsm , .pptm , iwm.)
• Rakibaadda software-ka budhcad-badeedda, barnaamijyada software-ka ee duugoobay ama nidaamyada hawlgalka
• Gelida kombuyuutar ka mid ah shabakadihii horeba u bukay

Ka-hortagga weerarrada ransomware

Sababta kaliya ee ransomware loo abuuray, waa sababtoo ah qorayaasha malware waxay u arkaan hab sahlan oo lacag lagu sameeyo. Nuglaanta sida software-ka aan la daboolin, nidaamyada hawlgalka ee duugoobay ama jaahilnimada dadka ayaa faa'iido u leh dadka noocaas ah ee leh ujeeddooyin xaasidnimo iyo dembi. Sidaa darteed^(Hence) , wacyigelintu^(awareness) waa habka ugu wanaagsan ee looga fogaado weerar kasta oo loo geysto ransomware.

Waa kuwan dhowr tillaabo oo aad qaadi karto si aad wax uga qabato ama wax uga qabato weerarrada ransomware:

1. Isticmaalayaasha Windows waxay ku taliyeen inay casriyeeyaan Nidaamkooda Operating System -ka Windows. Haddii aad u cusboonaysiiso Windows 10 , waxaad hoos u dhigi doontaa dhacdooyinka weerarka ransomware ilaa xadka ugu badan.
2. Had iyo jeer ku celi xogtaada muhiimka ah hard-drive dibadeed.
3. Daree taariikhda faylka ama ilaalinta nidaamka
4. Ka digtoonow^(Beware) iimaylada phishingka, spamka, oo hubi iimaylka ka hor intaadan gujin lifaaqa xaasidnimada leh.
5. Demi rarka macros ee ku jira barnaamijyada Xafiiskaaga.
6. Demi astaantaada Desktop^(Desktop) -ka fog mar kasta oo ay suurtogal tahay.
7. Isticmaal xaqiijin laba-geesood ah.
8. Adeegso xidhiidh badbaado leh oo sirta ah.
9. Ka fogow^(Avoid) daalacashada mareegaha inta badan sabab u ah taranta malware sida meelaha sida sharci darada ah wax looga soo dejiyo, goobaha dadka waaweyn iyo goobaha khamaarka.
10. Ku rakib^(Install) , isticmaal, oo si joogto ah u cusboonaysii xalka ka-hortagga
11. Isticmaal software-ka-hortagga ransomware-ka ee wanaagsan^{(anti-ransomware software)}
12. Si dhab ah u qaado amniga MongoDB si aad uga ilaaliso xogtaada in lagu afduubo ransomware.

Raadsomware Tracker wuxuu kaa caawinayaa inaad la socoto, yarayso oo aad naftaada ka ilaaliso khayaanada.

Akhri^(Read) : Ka ilaali oo ka hortag weerarada Ransomware^{(Protect against and prevent Ransomware attacks)(Protect against and prevent Ransomware attacks)} .

In kasta oo ay jiraan qaar ka mid ah qalabyada decryptor ransomware^{(ransomware decryptor tools)} , waxaa lagugula talinayaa inaad si dhab ah u qaadato dhibaatada werarada ransomware. Ma aha oo kaliya inay khatar geliso xogtaada, laakiin sidoo kale waxay jebin kartaa sirtaada ilaa xad ay wax u dhimi karto sumcadaada sidoo kale.

Microsoft wuxuu leeyahay ,

The number of enterprise victims being targeted by ransomware is increasing. The sensitive files are encrypted, and large amounts of money are demanded to restore the files. Due to the encryption of the files, it can be practically impossible to reverse-engineer the encryption or “crack” the files without the original encryption key – which only the attackers will have access to. The best advice for prevention is to ensure confidential, sensitive, or important files are securely backed up in a remote, unconnected backup or storage facility.

Haddii ay dhacdo inaad haysato nasiib darrada ah in lagugu qaadsiiyay ransomware, waxaad awoodi kartaa haddii aad rabto, waxaad u sheegi kartaa Ransomware FBI^{(report Ransomware)(report Ransomware)} ,^(FBI) Booliiska ama^(Police) mas'uuliyiinta ku habboon.

Hadda ka akhriso ilaalinta Ransomware ee Windows^{(Ransomware protection in Windows)} .

Ransomware Attacks, Definition, Examples, Protection, Removal

Ransomware has become a serious threat to the online world these days. Many software firms, universities, companies, and organizations around the world are trying to take precautionary measures to save themselves from ransomware attacks. The United States and Canadian governments have issued a joint statement about ransomware attacks urging users to stay alert and take precautions. Recently on May 19^th, the Swiss government observed the Ransomware Info Day, to spread awareness regarding ransomware and its effects. Ransomware in India too is on the rise.

Microsoft recently published a data mentioning how many machines (users) were affected by ransomware attacks across the world. It was found that the United States was on the top of ransomware attacks; followed by Italy and Canada. Here are the top 20 countries which are majorly affected by ransomware attacks.

Here is a detailed write-up that will answer most of your questions regarding ransomware. This post will take a look at What are Ransomware Attacks, the Types of ransomware, How does ransomware gets on your computer and suggests ways of dealing with ransomware.

Ransomware attacks

What is Ransomware

Ransomware is a type of malware that locks your files, data or the PC itself and extorts money from you in order to provide access. This is a new way for malware writers to ‘collect funds’ for their illegitimate activities on the web.

How does ransomware get on your computer

You could get ransomware if you click on a bad link or open a malicious email attachment. This image from Microsoft describes how the ransomware infection takes place.

Ransomware looks like an innocent program or a plugin or an email with a ‘clean’ looking attachment that gets installed without the user’s knowledge. As soon as it gets its access to the user’s system, it starts spreading across the system. Finally, at one point of time, the ransomware locks the system or particular files and restricts the user from accessing it. Sometimes, these files are encrypted. A ransomware writer demands a certain amount of money to provide access or decrypt the files.

A fake warning message by a ransomware looks as follows:

However, during the ransomware attacks, there is no guarantee that the users will get back their files even after paying the ransom. Hence, it is better to prevent ransomware attacks than trying to get back your data from some way or another. You may use RanSim Ransomware Simulator to check if your computer is sufficiently protected.

Read: What to do after a Ransomware attack on your Windows computer?

How to identify ransomware attacks

The ransomware generally attacks the personal data, such as user’s pictures, documents, files, and data. It is easy to identify the ransomware. If you see a ransomware note demanding money to give access to your files, or encrypted files, renamed files, locked browser or a locked screen of your PC, you can say that ransomware has got a grip on your system.

However, the symptoms of ransomware attacks can change as per the types of ransomware.

Read: Malware Tracker Maps that let you view Cyber Attacks in real-time.

Types of ransomware attacks

Earlier, ransomware used to display a message stating that the user has done something illegal and they are being fined by the police or the government agency on the basis of some policy. To get rid of these ‘charges’ (which were definitely false charges), users were asked to pay these fines.

Nowadays, a ransomware attack in two ways. It either locks the computer screen or encrypts certain files with a password. Based on these two types, the ransomware is divided into two types:

1. Lock screen ransomware
2. Encryption ransomware.

Lock screen ransomware locks your system and demands a ransom for letting you access it once again. The second type, i.e. the Encryption ransomware, changes the files in your system and demands money to decrypt them again.

The other types of ransomware are:

1. Master Boot Record (MBR) ransomware
2. Ransomware encrypting web servers
3. Android mobile device ransomware
4. IoT ransomware.

Here are some ransomware families and their statistics of attacks:

Also, take a look at the Ransomware growth and its infection statistics.

Who can be affected by the ransomware attacks

It doesn’t matter where you are and what device you are using. Ransomware can attack anybody, anytime and anywhere. The ransomware attacks can take place on any mobile device, PC or laptop when you are using the internet for surfing, emailing, working, or shopping online. Once it finds a way to your mobile device or the PC, it will employ its encryption and monetization strategies into that PC and mobile device.

When can ransomware get a chance to attack

So what are the possible events when ransomware can strike?

• If you are browsing untrusted websites
• Downloading or opening file attachments received from unknown email senders (spam emails). Some of the file extensions of these attachments can be, (.ade, .adp, .ani, .bas, .bat, .chm, .cmd, .com, .cpl, .crt, .hlp, .ht, .hta, .inf, .ins, .isp, .job, .js, .jse, .lnk, .mda, .mdb, .mde, .mdz, .msc, .msi, .msp, .mst, .pcd, .reg, .scr, .sct, .shs, .url, .vb, .vbe, .vbs, .wsc, .wsf, .wsh, .exe, .pif.) And also he file types that support macros (.doc, .xls, .docm, .xlsm, .pptm, etc.)
• Installing pirated software, outdated software programs or operating systems
• Logging into a PC that is a part of the already infected network

Precautions against ransomware attacks

The only reason ransomware is created, is because the malware writers see it as an easy way to make money. Vulnerabilities such as unpatched software, outdated operating systems or people’s ignorance is beneficial for such people with malicious and criminal intentions. Hence, awareness is the best way to avoid any attacks by ransomware.

Here are are a few steps you can take to tackle or deal with ransomware attacks:

1. Windows users advised keeping their Windows Operating System up-to-date. If you upgrade to Windows 10, you will reduce the events of the ransomware attack to the maximum extent.
2. Always back-up your important data in an external hard-drive.
3. Enable file history or system protection.
4. Beware of phishing emails, spam, and check the email before clicking the malicious attachment.
5. Disable the loading of macros in your Office programs.
6. Disable your Remote Desktop feature whenever possible.
7. Use two-factor authentication.
8. Use a safe and password-protected internet connection.
9. Avoid browsing websites that are often the breeding grounds for malware such as illegal download sites, adult sites and gambling sites.
10. Install, use, and regularly update an antivirus solution
11. Make use of some good anti-ransomware software
12. Take your MongoDB security seriously to prevent your database from being hijacked by ransomware.

The Ransomware Tracker helps you track, mitigate and protect yourself from malware.

Read: Protect against and prevent Ransomware attacks.

While there are some ransomware decryptor tools available, it is advisable that you take the problem of ransomware attacks seriously. It not only endangers your data, but it can also breach your privacy to such extent that it can harm your reputation also.

Says Microsoft,

The number of enterprise victims being targeted by ransomware is increasing. The sensitive files are encrypted, and large amounts of money are demanded to restore the files. Due to the encryption of the files, it can be practically impossible to reverse-engineer the encryption or “crack” the files without the original encryption key – which only the attackers will have access to. The best advice for prevention is to ensure confidential, sensitive, or important files are securely backed up in a remote, unconnected backup or storage facility.

If you do happen to have the misfortune of being infected with ransomware, you can if you wish, report Ransomware to FBI, Police or appropriate authorities.

Now read about Ransomware protection in Windows.

Related posts

• Daar oo ku habbee Ilaalinta Ransomware ee Difaaca Windows

• Sida loo yareeyo Weerarada Ransomware-ku shaqeeyo ee bini'aadamka: Xog-waraysi

• Madaxbanaanida Dijital ah - Qeexid, Macnaha, Tusaalooyinka iyo Sharaxaad

• Waa maxay Spear phishing? Sharaxaada, Tusaalooyinka, Ilaalinta

• Weerarada Malware-ka aan fileyn, Ilaalinta iyo Ogaanshaha

• Anti-Ransomware software bilaash ah oo loogu talagalay kombiyuutarada Windows

• Deji Raadinta La Wanaajiyey, Digniinaha Jebinta Ilaalinta, Lockwise Firefox

• Lockwise, Monitor, Facebook weelka, Ka ilaalinta Firefox

• Waa maxay Firewall iyo Ilaalinta Shabakadda ee Windows 10 iyo sida loo qariyo qaybtan

• Ilaalinta Macluumaadka Windows (WIP) waxay si otomaatig ah u ilaalisaa faylalka la soocay

• Dib u eegida Monster Clarity HD Qeexida sare ee Taleefoonnada dhegta-gudaha

• Ka ilaali isticmaalayaasha inay wax ka beddelaan Ilaalinta Ka faa'iidaysiga ee Amniga Windows

• Hagaaji Hawlaha Hore ee Ilaalinta Nidaamka SrTasks.exe Isticmaalka Disk-ga Sare

• Sida loo Sameeyo Cusboonaysiinta Qeexida Difaaca Daaqadaha

• Sida looga ilaaliyo loogana hortago weerarada Ransomware & caabuqyada

• Miyaan ka warbixiyaa Ransomware? Halkeen ka warramaa Ransomware?

• Waa maxay Google Advanced Protection Program?

• Waa maxay Ctrl+Alt+Delete? (Qeexid & Taariikh)

• Waa maxay Solid-State Drive (SSD)? Qeexida SSD

• Aaladda Maqalka Qeexida Sare waxay leedahay dhibaato darawal gudaha Windows 10