Hindi naman sigoro magkaka virus kahit walang antivirus diba. Unless may privilege vulnerability o yung admin mismo nag run ng software na may palaman.
Ransomware attacks typically follow these steps to target and attack its victims:
1. Initial infection: The attacker gains access to the victim's device or network by exploiting a vulnerability, tricking the user into clicking on a malicious link or attachment, or through other means such as phishing emails or drive-by downloads.
2. Malware deployment: The attacker deploys the ransomware onto the victim's device or network. The malware can be hidden within seemingly harmless files, software, or even legitimate-looking websites.
3. Encryption: Once the ransomware is deployed, it begins encrypting the victim's files. It scans the system, identifying and locking files using a strong encryption algorithm. The encryption process often targets valuable files such as documents, images, videos, databases, etc.
4. Ransom note: After the encryption is complete, the ransomware displays a ransom note on the victim's screen. It informs the victim that their files have been encrypted and demands a ransom payment, typically in cryptocurrency, to provide the decryption key necessary to restore the files.
5. Contact and negotiation: The attacker may provide contact information (email, chat, etc.) for the victim to reach out to discuss the ransom payment and decryption process. Negotiations may occur on the ransom amount, payment method, and deadlines.
6. Ransom payment: If the victim agrees to pay the ransom, they follow the instructions provided by the attacker to make the payment, usually in Bitcoin or other cryptocurrencies that are difficult to trace. The payment is sent to the attacker's wallet.
7. Decryption: Once the attacker receives the payment, they may provide the decryption key, allowing the victim to regain access to their encrypted files. However, there is no guarantee that the attacker will provide the decryption key even after the payment.
It is important to note that paying the ransom does not guarantee the retrieval of files or complete removal of the ransomware. It is recommended to not negotiate or pay the ransom and instead seek professional advice, report the incident to authorities, and focus on restoring systems from backups.