What is Ransomware? Also Different Types Of Ransomware
Updated on October 21, 2022, by Xcitium
What Are the Different Types of Ransomware?
Ransomware is a type of malware that locks, encrypts, or steals data and demands payment to restore access. The most common types of ransomware include crypto ransomware, locker ransomware, scareware, leakware (doxware), ransomware-as-a-service (RaaS), mobile ransomware, and double extortion ransomware. Each type uses different attack methods and causes varying levels of damage to organizations.
Ransomware is one of the most debated topics in the IT world. This is due to the large-scale impact caused by the WannaCry ransomware that crippled thousands of businesses across the globe. Ransomware is continuously evolving, and it’s hard to keep track of the different strains of ransomware.
While each ransomware variant has its way of spreading, all ransomware variants rely on similar social engineering tactics to deceive users and hold their data hostage. Let’s look at the different types of ransomware variants:
List Down Different Types of Ransomware
CryptoLocker
CryptoLocker botnet is one of the oldest forms of cyber attacks which has been around for the past two decades. The CryptoLocker ransomware came into existence in 2013 when hackers used the original CryptoLocker botnet approach in ransomware.
CryptoLocker is the most destructive form of ransomware since it uses strong encryption algorithms. It is often impossible to decrypt (restore) the Crypto ransomware-infected computer and files without paying the ransom.
WannaCry
WannaCry is the most widely known ransomware variant across the globe. The WannaCry has infected nearly 125,000 organizations in over 150 countries. Some of the alternative names given to the WannaCry ransomware are WCry or WanaCrypt0r.
Bad Rabbit
Bad Rabbit is another strain of Ransomware which has infected organizations across Russia and Eastern Europe. It usually spreads through a fake Adobe Flash update on compromised websites.
Cerber
Cerber is another ransomware variant which targets cloud-based Office 365 users. Millions of Office 365 users have fallen prey to an elaborate phishing campaign carried out by the Cerber ransomware.
Crysis
Crysis is a special type of ransomware which encrypts files on fixed drives, removable drives, and network drives. It spreads through malicious email attachments with double-file extension. It uses strong encryption algorithms making it difficult to decrypt within a fair amount of time.
CryptoWall
CryptoWall is an advanced form of CryptoLocker ransomware. It came into existence since early 2014 after the downfall of the original CryptoLocker variant. Today, there are multiple variants of CryptoWall in existence. It includes CryptoDefense, CryptoBit, CryptoWall 2.0, and CryptoWall 3.0.
GoldenEye
GoldenEye is similar to the infamous Petya ransomware. It spreads through a massive social engineering campaign that targets human resources departments. When a user downloads a GoldenEye-infected file, it silently launches a macro which encrypts files on the victim’s computer.
Jigsaw
Jigsaw is one of the most destructive types of ransomware which encrypts and progressively deletes the encrypted files until a ransom is paid. It starts deleting the files one after the other on an hourly basis until the 72-hour mark- when all the remaining files are deleted.
Locky
Locky is another ransomware variant which is designed to lock the victim’s computer and prevent them from using it until a ransom is paid. It usually spread through seemingly benign email message disguised as an invoice.
When a user opens the email attachment, the invoice gets deleted automatically, and the victim is directed to enable macros to read the document. When the victim enables macros, Locky begins encrypting multiple file types using AES encryption.
Apart from the list of attacks mentioned above, Petya, NotPetya, TeslaCrypt, TorrentLocker, ZCryptor, etc., are some of the other ransomware variants that are well-known for their malicious activities.
7 Different Types of Ransomware
- Crypto Ransomware – Encrypts files and demands payment for a decryption key.
- Locker Ransomware – Locks users out of devices or operating systems.
- Scareware – Uses fake security warnings to trick victims into paying.
- Leakware (Doxware) – Threatens to publish stolen data unless ransom is paid.
- Ransomware-as-a-Service (RaaS) – Criminal developers rent ransomware tools to attackers.
- Mobile Ransomware – Targets smartphones and tablets.
- Double Extortion Ransomware – Encrypts files and steals sensitive data simultaneously.
Comparison of Different Types of Ransomware
| Ransomware Type | Primary Attack Method | Main Target | Typical Impact |
|---|---|---|---|
| Crypto Ransomware | File encryption | Files and databases | Data becomes inaccessible |
| Locker Ransomware | Device lockout | Entire systems | Users cannot access devices |
| Scareware | Fake alerts | Individual users | Financial scams |
| Leakware | Data theft | Sensitive information | Public exposure of data |
| RaaS | Subscription-based attacks | Businesses | Large-scale attacks |
| Mobile Ransomware | Mobile device infection | Smartphones/tablets | Device lockout or data theft |
| Double Extortion | Encryption + exfiltration | Enterprises | Financial and reputational damage |
Examples of Common Ransomware Families
- WannaCry – Spread globally using Windows vulnerabilities
- LockBit – Popular ransomware-as-a-service operation
- Ryuk – Targets enterprise networks
- BlackCat (ALPHV) – Uses double extortion tactics
- CryptoLocker – One of the earliest crypto ransomware strains
Different Types Of Ransomware: Preventing Ransomware Attacks
Ransomware is a critical threat to your computer and your data. By practicing safe computing habits and by using up-to-date security software, you can stay protected from ransomware. Do your part by remaining vigilant and installing trusted security software for different types of ransomware.
For enterprise users, Xcitium Advanced Endpoint Protection (AEP) is the ideal solution. With a built-in containment engine and ‘Default Deny’ platform, Xcitium AEP provides 360-degree protection against any malware threat including ransomware.
Unlike other endpoint security solutions in the market, Xcitium Advanced Endpoint Protection (AEP) leverages its unique auto-containment technology which operates from a “default deny” approach.
Different Types Of Ransomware Conclusion
Xcitium AEP keeps the unknown or harmful files “contained” within a controlled environment while the Valkyrie Verdict engine determines whether they are malicious or not.
For more details about Xcitium Advanced Endpoint Protection, contact us at +1 (888) 551-1531.
FAQ Section Content
What is the most common type of ransomware?
Crypto ransomware is the most common form of ransomware because it encrypts files and demands payment for decryption. It is widely used in attacks targeting businesses, hospitals, and government organizations.
What is the most dangerous type of ransomware?
Double extortion ransomware is considered one of the most dangerous types because attackers both encrypt files and threaten to leak stolen data publicly.
What is ransomware-as-a-service (RaaS)?
Ransomware-as-a-service (RaaS) is a cybercrime business model where developers lease ransomware tools to affiliates in exchange for a percentage of ransom payments.
Can ransomware infect mobile devices?
Yes. Mobile ransomware targets Android and iOS devices by locking screens, encrypting files, or stealing sensitive information.
PROTECT YOUR ENDPOINTS FOR FREE
Related Resources
Loading...