Abstract
What if someone stopped you from accessing your files or using your
computer? What if they demanded an amount to get access back to you? Most financial
and social interactions revolve around three critical aspects – firstly, the use of digital
data and files; secondly, computer systems; and last, the insecure internet. This is
where Ransomware using Bitcoin has become a major cause of concern in the form of
a new-age digital extortion threat to home and corporate users. This chapter discusses
Ransomware and the methods adopted by cybercriminals for holding ransom innocent
users' digital data and systems and proposes a malware detection system. Crypto and
Locker ransomware is reviewed for their propagation, attack techniques, and new
emerging threat vectors, such as file Encryption Ransomware, Screen Lock
Ransomware, Windows & Browser Lock, Pop Advertisements, and URL Redirection.
The author proposed a Cloud-based malware detection system, performing comparison
evaluation with and without the proposed anti-malware solution in the form of
sandboxes, so even if the environment got compromised, it could be easily
decommissioned and rebuilt from a fresh, clean virtual snapshot. Malware Behavioral
environments were set up for analyzing malware before and after receiving malware
payload files and logs from infected user devices. Malware Code Analysis gathered
assembly code and memory dumps from memory and performed analysis on malware
payload instructions. Reporting environment analyzed Web URLs proactively for
malicious sites hosting malware code or payloads and checked the user system and
devices for before and after analysis logs.