Ransomware

Ransomware is computer malware which holds a computer system, or the data it contains, hostage by demanding a ransom from its owner for its restoration.

Ransomware typically propagates as a conventional computer worm, entering a system through, for example, a vulnerability in a network service or an e-mail attachment. It may then:


 * Disable an essential system service or lock the display at system startup.
 * Encrypt some of the user's personal files. Encrypting ransomware were originally referred to as cryptoviruses, [[cryptotrojans or cryptoworms.[4][5]

In both cases, the malware may extort by:


 * Prompting the user to enter a code obtainable only after wiring payment to the attacker or sending an SMS message and accruing a charge.
 * Urging the user to buy a decryption or removal tool.

More sophisticated ransomware may be a hybrid &mdash; encrypt the victim's plaintext with a random symmetric key and a fixed public key. The malware author is the only party that knows the needed private decryption key. The author who carries out this cryptoviral extortion attack offers to recover the symmetric key for a fee.