The 10 Biggest Ransomware Examples You Should Know About!

The 10 Biggest Ransomware Examples You Should Know About!

The 10 Biggest Ransomware Examples You Should Know About!


Ransomware Examples

  Ransomware attacks are a continual threat to all who use the internet. They can range from being difficult to deal with, to a catastrophic disaster. As long as people continue to pay ransoms, attackers will continue to use ransomware. It doesn’t look like the ransomware business is going to slow down any time soon. Ransomware attacks have increased by over 97% in the past two years. We’ve put together a list of some of the biggest and most well-known examples of ransomware. Some gained far more publicity than others in the cybersecurity world. If you’re unfamiliar with what ransomware is, you can read our definition here.  

The 10 Biggest Ransomware Examples You Should Know About!


1. Cryptolocker

The first type of ransomware example is Cryptolocker. It is most commonly known for encrypting files and demanding payment to decrypt and unlock your data. This type of malware can encrypt anything on your hard drives, USB sticks, shared network drives and files stored in the cloud. This type of ransomware uses a “two key” approach, one public and one private key. The attacker encrypts your data using the public key and uses the unique private key to unlock your data once you’ve paid the ransom. Cryptolocker has only targeted computers running windows so far, so Mac users are safe for now. You’ll know if you’re a victim of cryptolocker as warning pop-ups will be displayed on your screen. These will indicate that your data will be destroyed if you do not pay a ransom.

2. Bad Rabbit

Bad Rabbit is a type of ransomware that disguises itself as an Adobe Flash player update or installer. When you browse the internet or a specific website, Bad Rabbit will present itself by flashing up that there’s a new version of Adobe available to download. Once you take the bait and downloaded it, Bad Rabbit will install itself on your machine and begin to wreak havoc. It will encrypt your hard drive and files, prevent windows from starting up properly and lock your computer entirely. Usually, the ransom note that appears on your screen will give you 40 hours to pay the ransom in Bitcoin.

3. Cerber

Cerber is an interesting example of ransomware as it’s pretty much an affiliate program for ransomware criminals. Anyone in the world has the option to buy and deploy it for roughly 40% of the paid ransom profits. Similar in it’s requests to other types of ransomware, Cerber encrypts your files and demands payment in exchange for granting access to your files. However, Cerber also works even if you are not online, so just unplugging your computer will not do anything to prevent the infection. It will normally be delivered to users by email which includes an infected Microsoft Office document. Opening the document launches the malware, and within a few minutes, it will work its way through your files and encrypt and rename everything. It will lie dormant until it’s work is done and then present itself as a desktop background or note in an encrypted file. Cerber accounted for 26% of all ransomware infections at its peak in early 2017.

4. GoldenEye

GoldenEye comes from the same family as Petya and MISCHA, however, it goes one step further by encrypting your NTFS structures. It is distributed using a spam email message that includes an infected document, often an MS Excell file. Once the file is opened, a pop up will show up on screen requesting specific actions. If you follow along and enable those actions and permissions, the ransomware will download and begin to infect your system. It will automatically reboot your computer, and then greet you with a notice of instructions on how to pay the ransom.

5. Dharma

Similar to the first four ransomware examples, Dharma encrypts your data and demands a ransom. It’s a variant of CrySIS and is delivered manually by Remote Desktop Protocol (RDP) services. Attackers then brute force the password to gain access. Instead of pop-ups or on-screen messages, Dharma leaves a note in the encrypted text files which includes a contact email address to discuss payment instructions. Since it’s release in 2016, there have been around 15-20 different variants of the ransomware.

6. Jigsaw

Jigsaw first started to surface around March 2016. It also encrypts your files and demands a ransom, but it puts you under even more pressure by adding time to the equation. Once the malware is deployed, it will start encrypting your files and then deleting your files every hour within the first 24 hours. After that, on the next day, it will delete even more files until eventually deleting hundreds or thousands of your files until you pay the ransom. If you think that’s bad enough, then if you even try to reboot your computer or figure out a way to remove the ransomware, Jigsaw will delete thousands of files as a punishment! Once your infected, the countdown will begin. So, if you choose to not pay the $100 – $150 ransom within the first hour, then all your files will start being deleted.

7. WannaCry

The next example of ransomware is the infamous WannaCry. Probably the most well-known example of ransomware to date, WannaCry is wormable ransomware that spreads independently by exploiting Windows operating system vulnerabilities. It was first detected in May 2017 and has is believed to have infected over 160,000 unique IP addresses. Once it’s on your system, WannaCry will encrypt your files and hard drive, demanding a ransom of between $300 – $600 in bitcoin. It should be noted that only a few people were successfully given decryption keys to access their data.

8. Petya

Petya arrived on the ransomware scene in March 2016. It’s delivered like many of the previously mentioned ransomware examples – attached to an email. The email will normally contain two files, one of which will include the malware. Once you’ve clicked that file, you’re unknowingly agreeing to the Windows User Access Control warning, telling you changes are going to be made to your computer. Petya will then reboot your system and display a standard Windows CHKDSK screen to you. Once this is done, the malware will be actively working in the background. And instead of just encrypting files one by one, Petya will infect and encrypt your entire system. At this point, Petya will demand a ransom in bitcoin to decrypt your hard drive.

9. GandCrab

10. SamSam

At FilingCloud, we firmly believe that adding the right prevention solution to your workflow is the best way to protect yourself from ransomware. Click here to organise a free demo of the ultimate ransomware prevention solution. For more details about FilingBox, contact us at or call us on +1-813-445-7472.

More Case Studies: