7 June 2006
Hackers who encrypt your files and demand money to decrypt them are an increasing threat in the world of IT criminality.
Ransomware can be defined as a type of hacking exploit in which malware encrypts an individual’s plaintext files. The encrypted files usually include documents, photographs and spreadsheets. The scheme can be carried out, for example, by attaching a specially crafted file or program to an email and sending it to the victim. If the victim opens or executes the attachment, the program encrypts a number of files on the victim’s computer. A ransom note is then left behind for the victim, who will be unable to open the encrypted files without the correct decryption key. Once the ransom is paid, the hacker will send the decryption key, enabling decryption of the “kidnapped” files.
This is the most frequent form of ransomware, but some hackers also threaten to delete your files if you do not pay a certain amount of money. This is done through trojans that are secretly installed on the victims’ computers. The trojans take control and close the files before the hackers contact the victim to make their demands. Some of the most famous trojans of this kind are Cryzip.A, Ransom.A and Arhiveus.A.
These trojans are able to spread because users click on links they receive in spam emails or surf infected web sites. The amount of money demanded is normally between 10 and 300 US dollars.
The most effective way to avoid becoming a victim of ransomware is to make sure you back up all your files. If you have a full backup, the blackmailers will be left with no power at all.
Effective firewalls and antivirus programs are also useful in preventing trojans and other malware from infecting your computer.
