What Are the Different Types of Ransomware?

Ransomware is a type of malware attack that encrypts a victim's data and prevents access until a ransom payment is made. Ransomware attackers often use social engineering techniques, such as phishing, to gain access to a victim's environment.

It's also important to remember that you're dealing with cybercriminals, they don't always follow through with their end of the "deal."

The most common types of ransomware include:

1. Crypto Ransomware or Encryptors

Encyrptors are one of the most well-known and damaging variants. This type encrypts the files and data within a system, making the content inaccessible without a decryption key.

2. Lockers

Lockers completely lock you out of your system, so your files and applications are inaccessible. A lock screen displays the ransom demand, possibly with a countdown clock to increase urgency and drive victims to act.

3. Scareware

Scareware is fake software that claims to have detected a virus or other issue on your computer and directs you to pay to resolve the problem. Some types of scareware lock the computer, while others simply flood the screen with pop-up alerts without actually damaging files.

4. Doxware or Leakware

Leakware threatens to distribute sensitive personal or company information online, and many people panic and pay the ransom to prevent private data from falling into the wrong hands or entering the public domain. One variation is police-themed ransomware, which claims to be law enforcement and warns that illegal online activity has been detected, but jail time can be avoided by paying a fine.

5. RaaS (Ransomware as a Service)

Ransomware as a Service (RaaS) refers to malware hosted anonymously by a “professional” hacker that handles all aspects of the attack, from distributing ransomware to collecting payments and restoring access, in return for a cut of the loot.

Screenshot-2024-02-21-at-1.00.48 AM

2024 CrowdStrike Global Threat Report

The 2024 Global Threat Report unveils an alarming rise in covert activity and a cyber threat landscape dominated by stealth. Data theft, cloud breaches, and malware-free attacks are on the rise. Read about how adversaries continue to adapt despite advancements in detection technology.

Download Now

Ransomware Examples

Below are just a few examples of some infamous ransomware detected over the last few years:

  • BadRabbit
  • BitPaymer
  • Cerber
  • Cryptolocker
  • Dharma
  • DoppelPaymer
  • GandCrab
  • Locky
  • Maze
  • MeduzaLocker
  • NetWalker
  • NotPetya
  • Petya
  • REvil
  • Ryuk
  • SamSam
  • WannaCry

Learn More

Explore some of the most infamous ransomware attacks and the threat actors that operate them.

16 Notorious Ransomware Examples

Ransomware Protection Tips

The following tips are supported by what the CrowdStrike has found to successfully prevent and combat ransomware:

  1. Practice Good IT Hygiene
  2. Improve Resiliency of Internet Facing Applications
  3. Implement and Enhance Email Security
  4. Harden Endpoints
  5. Ransomware-Proof Data with Offline Backups
  6. Restrict Access to Virtualization Management Infrastructure
  7. Implement an Identity and Access Management (IAM) Program
  8. Develop and Pressure-Test an Incident Response Plan
  9. Know When to Ask for Help

Kurt Baker is the senior director of product marketing for Falcon Intelligence at CrowdStrike. He has over 25 years of experience in senior leadership positions, specializing in emerging software companies. He has expertise in cyber threat intelligence, security analytics, security management and advanced threat protection. Prior to joining CrowdStrike, Baker worked in technical roles at Tripwire and had co-founded startups in markets ranging from enterprise security solutions to mobile devices. He holds a bachelor of arts degree from the University of Washington and is now based in Boston, Massachusetts.