Complete I.T. Blog

How do ransomware threats spread?

by | Nov 15, 2016 | Archived Articles

Ransomware and any other advanced piece of financial or data stealing malware spreads by any available means.

Cyber criminals simply look for the easiest way to infect a system or network and use that backdoor to spread the malicious content.

Nevertheless, these are the most common methods used by cybercriminals to spread ransomware:

·       Spam email campaigns that contain malicious links or attachments;

·       Security exploits in vulnerable software;

·       Internet traffic redirects to malicious websites;

·       Legitimate websites that have malicious code injected in their web pages;

·       Drive-by downloads;

·       Malvertising campaigns;

·       SMS messages (which apply to ransomware that targets mobile devices);

·       Botnets;

·       Self-propagation (spreading from one infected computer to another);

·       Affiliate schemes in ransomware-as-a-service (earning a share of the profits by helping further spread ransomware).

Crypto-ransomware attacks employ a subtle mix of technology and psychological manipulation (also known as social engineering).

These attacks get more refined by the day, as cyber criminals learn from their mistakes and tweak their malicious code to be stronger, more intrusive and better suited to avoid cyber security solutions.

That’s why each new ransomware variant is a bit different from its forerunner. Malware creators incorporate new evasion tactics and pack their “product” with piercing exploit kits, pre-coded software vulnerabilities to target and more.

For example, here’s how online criminals find vulnerable websites, inject malicious JavaScript code in them and use this trigger to redirect potential victims to infected websites.


Read our blog on how to Protect your Business from a Ransomware Attack here.

To learn how we can help you to protect your business Contact us on 01628 552 860 for a meeting or book a meeting here