Wednesday, September 22, 2021

Search crimes – how the Gootkit gang poisons Google searches – Bare Safety

Ransomware gets the big headlines, because of the enormous blackmail demands that typically arrive at the end of ransomware attacks.

Indeed, the word “ransom” only expresses half the drama these days, because modern ransomware attacks usually involve the crooks making copies of all your data first before scrambling it.

The crooks then demand a combination payout, part ransom and part hush-money.

You’re not only paying to get the local copies of your data unscrambled, but also paying for a promise from the crooks that they’ll delete all the data they just stole instead of releasing it to the public.

But what about the very start of a ransomware attack?

Technically, that’s often a lot more interesting – and often more important, too, given that many ransomware attacks are merely the final blow to your network at the end of what may well have been an extended attack lasting days, weeks or even months.

Given the danger that arises as soon as the crooks sneak into your network, it’s as important to learn how malware gets delivered in the first place as it is to know what happens to your files when ransomware finally scrambles them.