The Difference between Malware and Ransomware

computer virus malware ransowareComputer virus, Malware, Ransomware, photo: pixabay

The Difference between Malware and Ransomware

When it comes to countries being hacked with cyber-ware, Norway is no exception. In June 2017, the Norwegian National Security Authority confirmed that the country was a victim of Petya, a ransomware attack that followed the footsteps of the wide-spread WannaCry attack. The February before that, at least nine email accounts were hacked with spear-phishing attacks. Back in August of 2014, 50 Norwegian oil and energy companies were hacked, with another 250 believed to be infected. While not all of these attacks are the same, the growth in cyber-attacks, specifically ransomware attacks, is astounding.


Ransomware is a new subsidiary of malware, and it has swiftly laid an outset of its threat and capabilities. In 2016 alone there were 638 million ransomware attacks, which is more than 167 times the number of attacks in 2015. With the frequent amount of cyber attacks occurring, it is hard to distinguish each type of attack, particularly those that are considered to be malware and ransomware.

What is malware?

Malware is a crunched term for ‘Malicious Software’. It is particularly designed to obtain access to an owner’s computer by tricking him into installing a certain software. It can track what a user is accessing on his computer and can cause damages which he might be completely unaware of. Malware is mostly seen in the forms of key loggers, viruses, worms, or spyware.

Malware can be used to steal sensitive information or spread spams via email. However, nowadays, these deceitful softwares are generally used to generate a pile of revenue through conscripted advertising.

Recently, a malware Fireball, spread by a Chinese digital marketer Rafotech, converted over 250 million web browsers around the globe into ad-revenue generating engines. Almost 20% of the corporate networks were affected because of this malware. It was later revealed that the major spread of the Fireball was because of the bundling. With some desired programs like Deal Wifi, Mustang Browser, Soso Desktop and FVP Imageviewer, the malware installed itself without any compliance of the user.

Just a week before that, 36.5 million Android devices were affected by a malware named Judy. With the same propaganda of producing fake clicks on advertisements to generate revenue via deceitful means, this malware was found in 41 apps, all of which were developed by a Korean company Kiniwini. Most of the harmful apps existed on the official Google Play Store raising serious questions regarding Android’s security.

Also, lately, a malware named ‘Crash Override’ was detected which caused a power outage in the Ukrainian capital, Kiev. It is the first malware ever to attack an electric grid giving us a hint of the disastrous consequences that might follow.

What is ransomware?

Ransomware is basically a type of malware that locks your computer and prohibits you from accessing it until you pay a demanded ransom. It is generally demanded in the form of Bitcoins. Nowadays, instead of locking a user’s keyboard or computer, individual files are encrypted using a private key which only the ransomware authors know. However, there is no guarantee that paying the ransom will unlock your computer.

In May 2017, a large-scale cyber-attack by the Wannacry Ransomware infected over 300,000 computers in 150 countries, and it was detected in several locations in Norway. Although only computers running on the Windows Operating System were affected, at least three companies in Norway, including the popular Choice hotel chain, were infected.

Another ransomware called Petya was seen disrupting the functioning of a number of businesses spanning Europe, the Middle East and the United States. However, the major difference between Petya and WannaCry is that Petya can spread only across a local network. If you are not a part of the same network, you are highly unlikely to get affected by it. On the other hand, WannaCry could have spread exponentially and indefinitely across the entire internet if the “Kill Switch” did not exist at all.

Recently, it was discovered that Petya isn’t a ransomware but a deadly “Wiper Malware”. Researchers found that Petya was just designed to look like a ransomware. Its framework had no scheme of information retrieval at all. After rebooting the victim’s computer, Petya encrypts the hard disk’s Master File Table (MFT) and makes the Master Boot Record (MBR) dysfunctional. The encrypted code was replaced with their own malicious code prohibiting you to boot which was followed by a screen that showed up a ransom note. However, the new variant of Petya does not maintain a copy of replaced MBR at all. So, even if the victim gets the decryption key, he cannot boot his computer device.

How does malware and ransomware spread?

Most of the spread of malware is through emails with links which claim to have some information that naive computer users may find interesting. Once a user clicks on that link, they are redirected to a fake website which looks just like a real one. Then to access the required information or program, users are requested to download some software. If a user downloads that software, their computer gets infected. Web sites and pop-ups which claim to offer free content such as free music or movies are among the major sources of cyber attacks.

These security breaches allow the scammers to track your behavior on the computer and steal personal credentials. This information can be used for a number of forged activities and the consequences can be pernicious.

Protect yourself with a VPN

While backing up your data periodically is the most effective and important step to protect your device against malware and ransomware, using a VPN can also boost the security of your system.

A VPN allows you to access the web through anonymity. This makes the task of tracking your computer difficult for the attackers. Many top-notch VPNs give a security warning to users when they try to access suspicious URLs. Also, all the data that is shared online using a VPN is encrypted. So, it remains out of the reach of malware authors.

Looking for a VPN to protect your computer against cyber threats? Check out our most recommended VPNs.


Malware Ransomware


© VPN Mentor / Norway Today  / Kanishk Jain