Table 2.

Classification by crypto-ransomware propagation

| Crypto-ransomware propagation class | Description | Examples |
| --- | --- | --- |
| Generation I | Early variants of crypto-ransomware were not able to spread on networks and had limited propagation capabilities even within an infected machine (prior to 2013). | AIDS Information; GPCoder |
| Generation II | First emerged in 2013, this type can propagate by taking advantage of network paths. Generation II crypto-ransomware can encrypt devices that are physically and logically (e.g. ‘write’ access to server shares) connected to the infected machine. A common attack vector of Generation II crypto-ransomware is a malicious e-mail. | CryptoLocker; CryptoWall; CryptoDefence |
| Generation III.a (Trojans) | First emerged in 2016, this type uses various tools (e.g. password-stealer Mimikatz) and takes advantage of network weaknesses to propagate on infected networks. These variants can infect entire networks, completely crippling an organization’s ability to function. Generation III.a crypto-ransomware normally penetrates networks via vulnerable servers. | Samas; BitPaymer |
| Generation III.b (Worms) | First emerged in 2017, Generation III.b crypto-ransomware, also commonly referred to as ‘crypto-worms’, takes advantage of software vulnerabilities. Similar to variants like Samas and BitPaymer, crypto-worms can infect entire networks. | WannaCry; NotPetya |
