A user, Ann, is reporting to the company IT support group that her workstation screen is blank other than
a window with a message requesting payment or else her hard drive will be formatted. Which of the
following types of malware is on Ann’s workstation?

A.
Trojan

B.
Spyware

C.
Adware

D.
Ransomware

Explanation:
Ransomware is a type of malware which restricts access to the computer system that it infects, and
demands a ransom paid to the creator(s) of the malware in order for the restriction to be removed. Some
forms of ransomware encrypt files on the system’s hard drive), while some may simply lock the system
and display messages intended to coax the user into paying.
Ransomware typically propagates as a trojan like a conventional computer worm, entering a system
through, for example, a downloaded file or a vulnerability in a network service. The program will then run
a payload: such as one that will begin to encrypt personal files on the hard drive. More sophisticated
ransomware may hybrid-encrypt the victim’s plaintext with a random symmetric key and a fixed public
key. The malware author is the only party that knows the needed private decryption key. Some
ransomware payloads do not use encryption. In these cases, the payload is simply an application designed
to restrict interaction with the system, typically by setting the Windows Shell to itself, or even modifying
the master boot record and/or partition table (which prevents the operating system from booting at all
until it is repaired)
Ransomware payloads utilize elements of scareware to extort money from the system’s user. The payload
may, for example, display notices purportedly issued by companies or law enforcement agencies which
falsely claim that the system had been used for illegal activities, or contains illegal content such as
pornography and pirated software or media. Some ransomware payloads imitate Windows’ product
activation notices, falsely claiming that their computer’s Windows installation is counterfeit or requires
re-activation. These tactics coax the user into paying the malware’s author to remove the ransomware,
either by supplying a program which can decrypt the files, or by sending an unlock code that undoes the
changes the payload has made.
Incorrect Answers:
A: In computers, a Trojan horse is a program in which malicious or harmful code is contained inside
apparently harmless programming or data in such a way that it can get control and do its chosen form of
damage, such as ruining the file allocation table on your hard disk. In one celebrated case, a Trojan horse
was a program that was supposed to find and destroy computer viruses. A Trojan horse may be widely
redistributed as part of a computer virus. A Trojan is not what is being described in this question.
B: Spyware is software that aids in gathering information about a person or organization without their
knowledge and that may send such information to another entity without the consumer’s consent, or
that asserts control over a computer without the consumer’s knowledge.”Spyware” is mostly classified into four types: system monitors, trojans, adware, and tracking cookies.
Spyware is mostly used for the purposes of tracking and storing Internet users’ movements on the Web
and serving up pop-up ads to Internet users.
Whenever spyware is used for malicious purposes, its presence is typically hidden from the user and can
be difficult to detect. Some spyware, such as keyloggers, may be installed by the owner of a shared,
corporate, or public computer intentionally in order to monitor users. Spyware is not what is described in
this question.
C: Adware is free software that is supported by advertisements. Common adware programs are toolbars
that sit on your desktop or work in conjunction with your Web browser. They include features like
advanced searching of the Web or your hard drive and better organization of your bookmarks and
shortcuts. Adware can also be more advanced programs such as games or utilities. They are free to use,
but require you to watch advertisements as long as the programs are open. Since the ads often allow you
to click to a Web site, adware typically requires an active Internet connection to run. Adware is not what
is described in this question.

http://en.wikipedia.org/wiki/Ransomware
http://techterms.com/definition/adware
http://en.wikipedia.org/wiki/Spyware
http://searchsecurity.techtarget.com/definition/Trojan-horse