Ransomware is a computer virus that gets advantage from the weakness of the security system of the computer that is being used to restrict the access of a computer. There are many types of ransomware virus. Some of them can encrypt the files that are placed on the hard drive of your system, for you it will not be possible to access them anymore. Some other types can lock your computer. When you try to log in to your computer, you will get a message to pay some amount to get a decrypting tool or a private key to access or to reset the entire system to get its precious working condition back.

Types of Ransomware

There are many types of ransomware which are evolving constantly. This ransomware is adapting to get the benefit of the weaknesses that are coming in the latest security systems. Most of the ransomware is being spread by sending the infected attachments or links through the email or by creating some fake download links. Many of these are being used to target the Microsoft Windows.Some of the common and currently circulating types of ransomware are:


Locky is the most aggressive type of ransomware that is being used these days. It can target both local and mapped drives to affect a large number of files of the system. Locky renames the files or change the extensions of your files with some variant extensions. This is spreading by the infected attachments in the spam emails. Once it has encrypted your data, it will place a note to pay ransom in front of you whenever you try to open the encrypted files. Common variants of Locky virus are Zepto, Locky, Orsis, Odin, Thor, ZZZZZ, etc.


The Cerber virus encrypts the files with specifically RSA and AES ciphers. Encryption type that is being used by the cerber virus is different. It adds four digits that can be either numeric (0-9) or alphabet (A-z) as an extension of the file. This can be any random number of 4 digits that it will add as an extension to encrypt your file and will ask you to pay if you want to get the decrypting tool to open your file. An old version of Gerber was used to add “.cerber” as an extension. As many other types of ransomware Gerber strains can also delete the copy of windows or can turn off the starter repair of windows. Cyber can also target the external USB device. Distribution of Gerber ransomware took place through the spam emails, networks of file sharing or with the malicious executables in the trackers of the torrent.
Common variants of the cerber are cerber1, cerber2, cerber3, cerber4, and cerber5.

DMA Locker

DMA Locker is an aggressive type of ransomware that attacks a Large number of applications and files, even the SQL server and Microsoft Exchange too. The identification of DMA Locker ransomware is red splash that you can find on your screen with a padlock image, demanding some amount to pay off to get the decryption tools for the encrypted files of DMA Locker or with an offer of decryption key file. Encrypted files will get locked. When you try to open them. They will show a just one-line description of the text. Names of files usually remain the same. DMA Lock can attack directly to your system through the RDP vulnerability. Malicious Websites. Infected files can also be a cause of DMA Locker ransomware.


Crysis was detected in February 2016 for the very first time. This type of ransomware can encrypt 185 different types of files. Crysis can target local and network drives. Crysis usually notify the user by changing the desktop wallpaper and then demand the ransom from the user. Crysis change the extension of encrypted files by “.crysis” extension and can change the name of the file too. XTBL variant of Crysis adds the extension “.XTBL” in the encrypted files. If you are trying to open a file but it is showing an email address into the file name, and the file is not opening. Then just contact us without trying anymore on that for expert advice.


Cryptxxx renames the file and adds the extension”. Crypt” or “.crypz” to the encrypted files. It can affect the files of local or network mapped drives too and make them unable to open. A ransom note can often appear to pay for getting the decryption tools. Most common variants of cryptxxx are, Trollish, CryptoWall, CryptoWall 2.0, CryptoWall 3.0, CryptXXX, CryptXXX 2.0, CryptXXX 3.0.
Cryptxxx is associated with an attachment in a spam email. A decrypted key is available for some of the crypto strains publically.


 PCLock, Crypt Locker, Crypto-Lock, PCLock 2, Torrent Locker, and many ‘copycat’ crypto are the most common variants of the crypto locker. CryptoLocker was detected in 2013 for the first time. It targets the running Microsoft Window of the system. It is being distributed with the fake download links or infected attachments in the emails.


 Globe2, Kyra, x3m, Globe3, BlackBlock, ‘copycat’ are most common Globe variants. Globe ransomware can affect almost 995 types of files. It is aggressive ransomware that can affect the both, program files and the files placed on the local drive. It encrypts more files after every reboot of your system. It affects the shadow copies of windows too and turns off the startup repair of the window. Globe variant renames the files and adds an email address to contact.


Encoder.858, Shade ransomware are common variants of trollish. Trollish uses extensions ‘.xbtl’ or ‘.cbtl’ to encrypt files. These are distributed through fake downloads and spammed emails. Damaged files can be renamed and have an email address associated with them. You cannot open encrypted files and can get a demand to pay money to get tools for decryption.

CTB Locker

Crysis, ARROW, ARENA, CESAR, JAVA, Wallet, XTBL, BIP, COMBO are common variants of CTB Locker. It encrypts the files and adds an email address to contact. CTB Locker attacks key folders most of the time. This ransomware is being spread through RDP Hack and spammed emails.
If you get any of above-mentioned issue, do not forget to visit Red Mosquito to get our free expert advice. Get in touch to find the best solutions for you. We have knowledgeable professionals to resolve all your problems.
Whatever kind of ransomware virus or malware you are experiencing, the team at Alwasatgate can offer knowledgeable, friendly and honest rewrite recommendation. For a free analysis, please click the button below and complete the easy form: