Top 5 Most Dangerous Ransomware

Captions
Hello and welcome to the PC Security Channel. Ransomware is a class of file encryption malware that has taken the world by storm, and I think it's made everyone aware of the reality that you can go very quickly from this, a perfectly working system, to, as you will see, an entirely bricked system with just a couple of clicks. In this video we shall look at the top five most dangerous ransomware. Now of course, "the most dangerous" is a subjective term. If you're a business, then losing your data or having confidential information stolen may be a lot more dangerous than just having a system bricked or a few systems bricked. If you're a home user, you may have different concerns. So instead of a linear list, we're going to go over different categories of what I think some of the most destructive ransomware capabilities have been, and we'll pick a representative from each group.

So the first threat you're looking at right now is Petya. This class of ransomware wipes out your MBR. Sometimes it encrypts the data; sometimes, with samples like NotPetya, they just wipe your disk clean and there's no way to recover anything. There are also samples like Satana and GoldenEye that essentially behave the same way: you run them, your computer blue screens, and you're never able to boot back in again. So if you're looking for pure destructiveness, Petya and its brethren are some of the true horrors of the ransomware family. Just imagine going about your day. You see a random pop-up, you just click yes because you don't know what you're doing, and moments later your computer just fails to boot altogether. You try everything; nothing works. Hopefully you haven't had to be in that situation, but I can imagine it would cause a lot of home users to panic.

The next threat we're going to take a look at is the one and only WannaCry ransomware. Unless you've been living under a rock, you probably saw this on the news. It was all over the web. It inspired everyone to make a video about ransomware. I remember even tech YouTubers like Austin Evans were making videos about this one, because it was that mainstream. This ransomware exploited an SMB vulnerability in Windows that allowed it to propagate from one system to another, over the internet, over the networks, without any user action. So if you thought the only way you could get infected was by going to some shady website or clicking on some shady links or files, that was not the case with WannaCry. All you needed to do was have a system that was connected to the internet and that was up and running. This hit massive organizations, airports, schools. You could see the WannaCry ransom note everywhere online; people were showing pictures of airport departures with the WannaCry ransom note on top of it. It was crazy. So when it comes to sheer impact and the chaos that it caused in a very short period of time, WannaCry definitely is towards the top of the list, and that is greatly reinforced by the propagation method. I remember everybody was calling me at the time and asking me, "How can I not get this ransomware? What is going on? Can I get it just by having my computer open?" And I was like, "Yes, you can." And it's chilling to think that a lot of our critical systems could be that vulnerable.

All right, moving on. The next ransomware we're going to look at is VirLocker. Interestingly, this is not just a ransomware; it is also a virus in the most traditional sense. So not only does it encrypt your files, but it also adds a little bit of malicious code at the end of each file, converting it into basically another VirLocker sample. So within minutes of executing this ransomware, you could have a computer filled with VirLocker samples that could propagate to other systems. As soon as they're run, they would infect those systems as well. And to make it worse, as you can see, VirLocker comes with a custom ransom message that appears like it's coming from some kind of law enforcement. Of course that is not the case; this is fake. But depending on your location, the message is also customized. So if you're in the United States, it will have a United States flag and the FBI; if you're in the UK, it'll have the UK flag and say City of London Police. And even though it asks for payment in bitcoin, it says that our payments are processed by a local bank. Again, it says Lloyds Bank in the UK; it'll say something else in the United States. The messages are quite customized and it's definitely quite scary. Over here it says willful copyright infringement is a federal crime, and if you think about it, a lot of people may have seen some movie online, they may have done some piracy in the past, and when they see this message they just freak out and they try to pay the ransom. So in terms of an immediate scare tactic, this ransomware can be the most dangerous, and because the fine is not that high, I imagine a lot of people would fall for this and pay the ransom. The worst part about VirLocker is, since it replicates so easily, you not only have to decrypt your files but also disinfect each of the files that's been taken over by VirLocker. It's very much like a traditional virus. But luckily, it is now possible to fully disinfect and recover your data if you're infected by VirLocker. There's a lot of antivirus solutions that'll do that for you.

Moving on, the next threat on the list is REvil, and this is to represent an entire class of ransomware from Russia that have attacked institutions in the Western world as well as home users. These have been some of the most financially successful ransomware variants, because they're extremely targeted attacks, they're very high ransom payouts, and they just hit the most critical parts of certain institutions that are just forced to pay the ransom to either get back into business or recover their data. And in some cases such threats also come with an info stealer capability, which means they don't just encrypt your data, they also steal it to their servers first. So imagine you're a company and you have all of your customer records stolen, or critical business data that, if leaked, could lead to terrible consequences for your business, and you're facing a 10 million dollar ransom demand. That is indeed very scary, and that's what happened to a lot of the victims of this ransomware. Now of course there have been similar threats from the last couple of years, things like SamSam, and I remember Shade back in the day, but REvil is one that has come recently to the forefront and caused a lot of panic, especially since they hit a lot of IT companies. Even an Apple redistributor was hacked and they stole some Apple schematics, which is saying something considering how secretive Apple are and the measures they take to protect that kind of data.

Now we'll move on to the final threat on our list, which is DarkSide. This is the ransomware behind the US Colonial Pipeline attack that basically made the States run out of gas, which had very real consequences that were scary even if you didn't know anything about ransomware or didn't even own a computer. You could show up at a gas station, you needed to go somewhere, and be told that you can't have gas because the systems are not operating, because they're the victims of a ransomware attack. Again, this is a threat that has really brought ransomware to the forefront, to the point where the United States President had to make a statement. Thinking of recent examples of ransomware, this is the most striking. As with some of the previous variants discussed, DarkSide also has an info stealer element and claims to upload more than 300 gigabytes of data. So not only do they disrupt your business by encrypting all your files, making a complete mess of things, but they also steal the data and use that to blackmail.

So there you have it, that's my top five most dangerous ransomware list. If you're wondering, "How can I protect myself against these terrible threats?", the first thing you can do is back up your data. Have a good strategy where you know how you're going to back up your data and how you're going to restore it in the event of something like a ransomware attack, and make sure that the strategy is robust, so regardless of the type of ransomware that you're hit by, you still have an option to recover your data. And also think about time frame. So for example, if you do have backups but you're not paying attention to how to restore them, how much time it would take, and maybe it's just a mess of backups here and there that's scattered (and this can easily happen if you're a large business), then all of a sudden, when you're hit with ransomware, you're looking at a recovery time of maybe 15 days to get your systems operational again. Sometimes that's not acceptable, and that's why a lot of businesses do end up paying the ransom. So I'd highly recommend: think about your recovery strategy. If you were hit by ransomware today, what would you do about it? How would you go about recovering your data?

The second thing to think about is protection on your systems. I'm a strong proponent of that. I don't believe that we should just throw our hands up and say, "Hey, it's inevitable, nobody can stop you from being hacked." I think you should take measures to minimize the chances of you getting attacked. Some of the things that could lead to a targeted attack would surprise you. It could be as simple as an employee giving out their password or being the victim of some other kind of data breach. So make sure you have a good password protection strategy as well as endpoint security on all your systems, and use a good AV engine. You can watch our catalog of videos where we've tested essentially all the major cybersecurity providers against these ransomware threats, and you can figure out who does well, who doesn't do well, and try to pick a really good endpoint security provider. Remember, that's your last line of defense. If some executable manages to get on your system, or some fileless threat manages to execute in RAM, your security product is what's standing between a perfectly safe system like I showed and the wreck that you see after I execute these threats. So don't take it lightly. Do your research, use a good product. Again, a lot of resources on the PC Security Channel that help you do that, so check it out.

This video is sponsored by Kaspersky. If you've been watching this channel for a while, you probably know them by now. They're one of the leading companies when it comes to endpoint protection, home security, all of those things, and since they have an excellent track record in our own tests, in this segment we're actually going to just demonstrate Kaspersky Total Security and how it could protect you against ransomware like the ones we just saw in the video. So we have the same five samples that you saw in the video, and now we're going to automate their execution and we'll just see what happens. So as you can see, DarkSide was blocked. We got a notification; it happened pretty fast. So let's just go back through the logs. So Petya was instantly blocked, so was REvil, so was VirLocker, so was WannaCry, and if we scroll up, DarkSide was blocked as well.

Now, in order to make this even more interesting, we're actually going to go ahead and disable most of the protection components so that we can better emulate what would happen if these threats were, say, brand new and Kaspersky didn't know about them. So we'll turn off File Anti-Virus as well as Application Control, so the only thing we're going to have enabled is System Watcher, which is supposed to protect us from ransomware and other crypto lockers and roll back any changes that they make. Now we're going to go ahead and restart the test. As you can see, we've got all of the ransomware back in the same folder; we've replaced them with new copies, and we'll see what happens in this configuration. And of course it's going to say it's being missed, because we are looking at the behavioral protection here. So we'll see if there's actual encryption that takes place on the system; we'll see if our pictures or documents are affected. We're getting notifications saying the processes are being terminated. System Watcher is taking action. Get the disinfection prompt, getting registry keys being removed. We can see some of the behaviors being locked by our program, and all of this is being denied. And as you can see, we still have all of our files; they're totally fine. If we open this up, we have a beautiful play from Shakespeare working just fine. If we go back to our pictures, we still have all our wallpapers.

So there you have it, that's Kaspersky Total Security. Please check it out using the link in the description; show them some love for sponsoring this video. Also, if you want to see tests on Kaspersky, we have done independent tests, as we often do on the channel; you can check those out. Don't forget to subscribe to the PC Security Channel. Please like and share the video if you enjoyed it, and as always, stay informed, stay secure.
Info
Channel: The PC Security Channel
Views: 178,747
Keywords: The PC Security Channel, TPSC, cybersecurity, cyber security, computer security, internet security, antivirus, anti malware, ransomware, trojan, virus, PUP, best antivirus, best internet security, learn cybersecurity, hacking, hack, security, technology, cyber insurance, cybersecurity degree, EDR, SIEM, best EDR, AI, Top 5 most dangerous ransomware, top 5 ransomware, top 10, worst ransomware, most dangerous ransomware
Id: 7gcd4xKwOhU
Length: 13min 12sec (792 seconds)
Published: Thu Sep 16 2021