The Crypto Trader’s Guide to Ransomware
Losing access to cryptocurrency holdings is the nightmare of every crypto trader. Desktop wallets put you at risk of losing access due to ransomware. Bitcoin is associated with ransomware because the ransom demand is usually for an amount of Bitcoin. Being unable to access your crypto could be much more expensive than paying the ransom.
What is Ransomware?
Ransomware is a form of malware that encrypts the files on your computer. There are different forms of ransomware. The differences are in the encryption type, ransom value, and symptoms. Your files end up locked and if you want them back, you pay for the key to undo the encryption. Your files get kidnapped, held in an inaccessible room on your computer. Paying the ransom doesn't guarantee you'll be able to unlock them.
There are things worse than ransomware. At least with ransomware, your crypto isn't accessed by someone else. It gets locked up. A clipboard attack could be much worse for someone in crypto. Any attack where hackers access the funds or private keys is worse. It is much more difficult to recover funds than it is to unlock them.
How to Protect Your Crypto
There are a few options to protect your crypto. The first is cold storage. Cold storage doesn't get infected with malware. For some, cold storage doesn’t fit their needs. Staking certain coins needs an internet connection. A project may not offer a way to store your private keys offline except for in a paper wallet. In this case, desktop wallets are a popular choice. These desktop wallets use “wallet.dat” files that you can back up. A simple backup on a thumb drive can keep your crypto accessible in the event you become a victim of ransomware. You can also back up the recovery phrases or print the private keys. The idea is to have ways to access your crypto that aren’t reliant on one specific device. This also protects you from hardware failure.
How to Protect Your Other Data, Device, and Network
- Use up-to-date antivirus and malware protection.
- Do not click suspicious links or on ads, even on sites you trust.
- Back up everything you need, do it weekly and keep it air-gapped. Best practice is redundancy for backups, at least two copies each in a different format.
- Avoid public networks or shared networks with people who have risky web behaviors.
- Avoid risky web behaviors.
- Use an ad-blocker.
- Use a VPN.
- Don’t download random things, including altcoin wallets that could have security concerns.
- Don’t use unnecessary browser extensions. Browser extensions make life easier, but they are risky.
- Learn how to sandbox. (This is a bit advanced for many people, but it’s an important security tool to have in your arsenal. Sometimes you NEED a program but aren’t 100% sure of it so you put it in its own virtual area. I staked B3 for a while. I was nervous about the wallet so I sandboxed it to mitigate risk to my system and network.)
- Enable Strict Site Isolation or comparable setting in your browsers.
- Keep programs up to date with the latest patches and updates.
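The wallet.dat backup and the "at least two copies" advice above can be scripted so that every copy is verified. This is an added example, not code from the original post; the `usb_a` and `usb_b` directories are hypothetical stand-ins for two separate backup media, and the wallet file is constructed sample data.

```python
import hashlib
import shutil
import tempfile
from datetime import datetime, timezone
from pathlib import Path

def sha256_of(path: Path) -> str:
    """Hash a file in chunks so large wallets do not need to fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()

def backup_wallet(wallet: Path, destinations: list[Path]) -> list[Path]:
    """Copy the wallet to every destination and verify each copy by hash.

    Copies get a UTC timestamp in the name, so an older good backup is never
    overwritten by a wallet file that ransomware has already encrypted.
    """
    expected = sha256_of(wallet)
    stamp = datetime.now(timezone.utc).strftime("%Y%m%dT%H%M%SZ")
    written = []
    for dest in destinations:
        dest.mkdir(parents=True, exist_ok=True)
        target = dest / f"{wallet.stem}-{stamp}{wallet.suffix}"
        if target.exists():
            raise FileExistsError(f"refusing to overwrite {target}")
        shutil.copy2(wallet, target)
        if sha256_of(target) != expected:
            target.unlink()
            raise IOError(f"verification failed for {target}")
        written.append(target)
    return written

def demo() -> list[Path]:
    """Run against a constructed stand-in wallet in a temporary directory."""
    root = Path(tempfile.mkdtemp())
    wallet = root / "wallet.dat"
    wallet.write_bytes(b"constructed sample bytes, not a real wallet")
    # Hypothetical mount points for two separate backup media.
    return backup_wallet(wallet, [root / "usb_a", root / "usb_b"])

if __name__ == "__main__":
    for copy in demo():
        print(copy, sha256_of(copy))
```

Close the wallet program before copying, and unplug the backup media afterwards so the copies stay air-gapped.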
Symptoms of Ransomware
- You've noted your computer has slowed down. Encryption is a resource heavy process. One of the earliest signs of ransomware is high disk-utilization and slow speeds.
- Blank file images where you’re accustomed to seeing an icon. Computers use file extensions to determine what icon to show, which leads me to #3…
- Missing or incorrect file extensions. Encrypting the file removes the information that provides the file extension. Without the file extension, you get a blank icon.
- Files that won’t open but usually do.
- Files that prompt you to identify the program you want to use to open them but shouldn’t. For example, a Word document that your computer doesn’t know how to open.
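The extension and "won't open" symptoms above can be checked in bulk by comparing each file's first bytes with what its extension promises and by measuring how random the content looks. This is an added example, not code from the original post; the signature table, the 7.5 bits-per-byte threshold and the sample file names are assumptions, and the sample files are constructed.

```python
import hashlib
import math
import tempfile
from collections import Counter
from pathlib import Path

# Leading "magic" bytes expected for a few common extensions.
MAGIC = {
    ".pdf": b"%PDF",
    ".png": b"\x89PNG\r\n\x1a\n",
    ".jpg": b"\xff\xd8\xff",
    ".docx": b"PK\x03\x04",  # Office documents are ZIP containers
}
ENTROPY_LIMIT = 7.5  # bits per byte; assumed threshold, tune for your data

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: close to 8 for ciphertext, much lower for plain text."""
    total = len(data)
    counts = Counter(data).values()
    return -sum(c / total * math.log2(c / total) for c in counts) if total else 0.0

def classify(name: str, head: bytes) -> str:
    """Return 'ok', 'mismatch' or 'suspect' from a file's name and first bytes."""
    magic = MAGIC.get(Path(name).suffix.lower())
    if magic is not None:
        return "ok" if head.startswith(magic) else "mismatch"
    # Unknown or missing extension: ciphertext-like entropy is only a hint,
    # because compressed archives and media score high as well.
    return "suspect" if shannon_entropy(head) > ENTROPY_LIMIT else "ok"

def scan(root: Path, sample: int = 65536) -> dict:
    """Map each verdict other than 'ok' to the sorted file names that got it."""
    findings = {"mismatch": [], "suspect": []}
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        with path.open("rb") as fh:
            verdict = classify(path.name, fh.read(sample))
        if verdict != "ok":
            findings[verdict].append(path.name)
    return findings

def demo() -> dict:
    """Constructed sample files; the hash stream stands in for ciphertext."""
    noise = b"".join(hashlib.sha256(bytes([i >> 8, i & 255])).digest() for i in range(2048))
    root = Path(tempfile.mkdtemp())
    (root / "invoice.pdf").write_bytes(b"%PDF-1.7\n" + b"constructed body\n" * 50)
    (root / "report.docx").write_bytes(noise)
    (root / "photo.jpg.locked").write_bytes(noise)  # hypothetical appended extension
    (root / "notes.txt").write_bytes(b"meeting notes, nothing secret\n" * 200)
    return scan(root)
```

A "mismatch" on a document that used to open is the stronger signal; treat "suspect" results as files to look at, not as proof of encryption.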
What to Do If You Think You’re Infected
- Shut down immediately. Many ransomware programs encrypt files in the background, one at a time. The machine is only showing minimal and easy to ignore symptoms while this happens. By shutting down, you stop the progress and give yourself time to get it to a professional.
- Immediately air gap all devices that shared connections with the device. Connections include shared files or networks, Wi-Fi, or Bluetooth.
- If you have backups, restore from backups.
- If you feel in over your head, you should take your computer to a professional. There are a ton of DIY videos and resources online, but risking data you need is not going to help you get it back.
Options for Recovering Files without Backups
- Pay the ransom. Paying the ransom is not what I recommend. There is no guarantee you will get your files back. If you do pay the ransom, you likely could’ve paid to have a professional handle it for you.
- Determine which ransomware infection is present. Attempt some of the available decryptors for it.
- If symptoms are recognized early, you could attempt to boot in safe mode, remove the ransomware, and then salvage the files that aren’t encrypted.
- Call it a loss and restore to start anew.
Ransomware is a Real Threat
People in crypto like to talk about quantum computing and electricity usage. They aren't concerned about immediate threats like ransomware and how to mitigate those risks. It’s important to have the knowledge necessary to keep your crypto safe. Cryptocurrencies have rising popularity as a speculative asset. The early adopters of crypto were tech savvy. The exponential adoption has diluted this with people from all walks of life. The reasons why you entered crypto don't matter. You are here and need the knowledge to be your own bank. Please take the measures necessary to keep your crypto secure.
Connect With Me
I write about crypto and tech here on Steemit, teach people about crypto and trading on Cryppick, and tweet about crypto on Twitter. I'm also on LinkedIn and will be guest blogging on a few sites soon!
Very informative, thanks Ash
Thanks :)
This information is so important @Ashr. Thanks for sharing. Resteemed
Thanks Randy :)
Awesome post @ashr
Thanks Zach
Very informative, thanks for sharing, resteemed!
Thanks Frank :)
very nice and informative post.
Thank you Gabriella