Cryptovirology is the study of combining cryptographic techniques and computer virology to create powerful malware (e.g., ransomware). Cryptovirology twists the ability of cryptography to provide security to users and uses its techniques in offensive rather than defensive ways. While cryptovirology started as a study that aimed to identify how cryptography may be used for malicious purposes, many hackers have since used cryptovirology to design and deploy ransomware attacks.
See also: Netwalker ransomware
- Cryptovirilogy attacks date back to the 1990s. Adam L. Young and Moti Yung carried out the first known cryptovirology attack. They introduced the concept of ransomware in their 1996 paper titled ‘Cryptovirology: Extortion-Based Security Threats and Countermeasures.’ While their paper laid the theoretical groundwork, the first practical implementation of cryptovirology in a real-world attack came a few years later.
- Cryptoworms. Cryptoworms self-replicate and spread through the user’s computer networks, similar to traditional worms. However, unlike conventional worms, they use encryption to hide and protect themselves from detection and removal.
- Cryptotrojans. Cryptotrojans, also known as cryptotrojan horses, trick users into thinking they’re legitimate and harmless software or files. However, once installed, cryptotrojans carry out malicious activities on the device (like data theft or making changes to the system).
- Ransomware. Ransomware is malware that encrypts the victim’s data, making it inaccessible until a ransom is paid to the attackers. It can be delivered through various means, such as email attachments, malicious links, or drive-by downloads. Once infected, the victim receives instructions on how to pay the ransom to obtain the decryption key.