RECOVERING DATA FROM NONENCRYPTING RANSOMWARE ATTACKS

Ransomware is a form of cryptoware that dates back to late 1990’s. These malwares branch from cryptovirology as mode for threatening victims to block access to their data or
perpetually publish the same, unless a ransom is paid. The Non-Encrypting Ransomware and MBR Ransomware are affiliates of the Ransomware genome. The Non-Encrypting Ransomwares are also known as Locker Ransomwares. The motive of Locker Ransomware is to demand for ransom by simply locking the access to the target machine. Unlike crypto ransomware’s, victims data is not encrypted by these ransomwares. While the MBR Ransomware overwrites the very first sector of any known hard disk (The Master Boot Record or MBR), to prevent infected PC’s operating systems from booting up. Therefore this paper elaborates on how to safely recover the data from the effected machines.