“Ransom.” is Malwarebytes’ detection name for ransomware, which is a category of malware that holds files or systems hostage for ransom. To learn more about ransomware, read our related blog content.
Typically, users will receive a notification (ransom note) that a threat actor has taken control of the system or the files. The note usually explains how to pay the ransom, how much it’s for, and how long users have to pay before their files are deleted.
Ransomware is a threat that prevents users from accessing their system or personal files and demands ransom payment in order to regain access.
The most common infection vectors for ransomware are:
Malicious spam (malspam) emails that include booby-trapped PDF or Office documents
Exploit kits via malvertising (drive-by download)
Malwarebytes protects users from ransomware by using its anti-ransomware technology and real-time protection.
Malwarebytes can detect and remove ransomware without further user interaction.
Take note, however, that removing this ransomware does not decrypt your files. You can only get your files back from backups you made before the infection happened, or by using Malwarebytes Ransomware Rollback technology.
Your intro to everything relating to cyberthreats, and how to stop them.