Ransomware Investigation: OSINT and Hunting Overview PT1

What is Ransomware?

Ransomware is malware that employs encryption to hold a victim’s information at ransom. A user or organization’s critical data is encrypted so that they cannot access files, databases, or applications. A ransom is then demanded to provide access. Ransomware is often designed to spread across a network and target database and file servers, and can thus quickly paralyze an entire organization. It is a growing threat, generating billions of dollars in payments to cybercriminals and inflicting significant damage and expenses for businesses and governmental organizations.

Types of Ransomware

Crypto ransomware

  • The goal of crypto ransomware is to hack and encrypt the sensitive files located on the victim’s computer, such as documents, pictures, or videos. While cybercriminals withhold access to these files, they don’t go as far as interfering with basic computer functions, as other types of ransomware do. Hackers want to create a sense of panic in the user by letting them see their files without being able to open them.

Locker ransomware

  • Locker ransomware is unique in that it solely aims to lock victims out of their computers. Hackers do this by disabling all basic computer functions except for minor mouse and keyboard capabilities. Leaving the mouse and keyboard somewhat operable lets the user fulfill the cybercriminal’s demands in order to regain access to their device.
  • A common trend with locker ransomware is that it generally doesn’t target specific files. So, the likelihood of data destruction is lower compared to other types of ransomware attacks. However, there are no guarantees when dealing with cybercriminal masterminds.

Scareware

  • Scareware is malicious software created to make false claims about viruses infecting a user’s computer or device. A payment is typically requested from the owner to solve the falsified issues. While some types of scareware can lock a user out of their device, others will only go as far as flooding the screen with countless pop-ups to overwhelm the user.

Ransomware as a Service (RaaS)

  • Ransomware as a Service (RaaS) is a dark web business model created to help ransomware hackers streamline their attacks. Developers created this software to automatically carry out all aspects of a ransomware attack for the cyberthief, from sending out the ransomware to collecting payments and restoring user access.

Doxware or leakware

  • Doxware, also known as leakware, threatens the distribution of sensitive data online, targeting people and businesses alike. Since hackers know people, and especially businesses, will do almost anything to prevent confidential and personal data from falling into the wrong hands, they often demand compensation to prevent its release.