20 Most Notorious Malwares in History

Question 1

What vulnerability did WannaCry exploit to spread quickly?

Answer 1

EternalBlue vulnerability in Windows SMBv1.

Question 2

How much damage was caused globally by WannaCry ransomware?

Answer 2

Approximately $4 billion.

Question 3

Which ransomware spread primarily in Ukraine and aimed more at destruction than ransom collection?

Answer 3

NotPetya.

Question 4

What vulnerabilities did NotPetya use to propagate?

Answer 4

EternalBlue and Mimikatz for credential theft.

Question 5

Which large shipping company was heavily impacted by NotPetya?

Answer 5

Maersk.

Question 6

Ryuk ransomware typically followed infections by which two types of malware?

Answer 6

Emotet and TrickBot.

Question 7

What was the primary delivery method of CryptoLocker ransomware?

Answer 7

Email attachments and social engineering.

Question 8

Which organization paid a $17,000 ransom due to Locky ransomware?

Answer 8

Hollywood Presbyterian Medical Center.

Question 9

Which ransomware introduced the tactic of ‘double extortion’?

Answer 9

Maze.

Question 10

Define ‘double extortion’ in ransomware attacks.

Answer 10

Encrypting files and threatening to release stolen data if ransom isn’t paid.

Question 11

What was the notable incident associated with DarkSide ransomware in 2021?

Answer 11

The Colonial Pipeline attack causing fuel shortages in the U.S.

Question 12

Which vulnerability did DarkSide exploit to gain access to systems?

Answer 12

Weak RDP protocols and compromised credentials.

Question 13

Which healthcare organization was hit by Conti ransomware in 2021?

Answer 13

Ireland’s Health Service Executive (HSE).

Question 14

How did Cerber ransomware spread to its victims?

Answer 14

Through exploit kits like Rig and Magnitude.

Question 15

Dharma ransomware primarily gained access through which method?

Answer 15

Weak or open RDP connections and phishing.

Question 16

Which ransomware targeted Russian and Ukrainian media outlets in 2017?

Answer 16

Bad Rabbit.

Question 17

Which exploit kit was used by TeslaCrypt ransomware?

Answer 17

Angler exploit kit.

Question 18

How much was Baltimore’s recovery cost after the Robinhood ransomware attack?

Answer 18

More than $18 million.

Question 19

What was a distinctive feature of GandCrab ransomware’s business model?

Answer 19

It operated as ransomware-as-a-service (RaaS).

Question 20

Which type of organization was frequently targeted by Ryuk ransomware?

Answer 20

Large enterprises, hospitals, and logistics companies.

Question 21

Which ransomware was notable for releasing its decryption keys before shutting down?

Answer 21

TeslaCrypt.

Question 22

Name a high-profile target of Egregor ransomware.

Answer 22

Ubisoft.

Question 23

Which variant of Petya targeted mainly German-speaking users?

Answer 23

GoldenEye.

Question 24

Which ransomware affected over 230,000 systems globally in 2017?

Answer 24

WannaCry.

Question 25

What kind of services were disrupted by the Robinhood ransomware attack?

Answer 25

Municipal services in the City of Baltimore.

Question 26

Which ransomware is associated with the cybercriminal group FIN11?

Answer 26

Clop.

Question 27

What was the ransomware strain that targeted the Washington DC Police Department?

Answer 27

Babuk.

Question 28

Which ransomware attack affected over 1,500 downstream companies in a single supply chain attack?

Answer 28

REvil/Sodinokibi.

Question 29

What was the maximum ransom demand made by REvil ransomware?

Answer 29

$70 million.

Question 30

Which vulnerability did both WannaCry and NotPetya exploit?

Answer 30

EternalBlue.

Question 31

Name the ransomware that was distributed via macro-enabled Word documents.

Answer 31

Locky.

Question 32

How did Maze ransomware persist in systems after infiltration?

Answer 32

Using tools like Cobalt Strike.

Question 33

What is the main goal of ransomware attacks like those executed by Maze and Egregor?

Answer 33

To extort money by encrypting data and threatening to leak it.

Question 34

What is ransomware-as-a-service (RaaS)?

Answer 34

A model where ransomware is provided to affiliates who carry out attacks for a share of ransom profits.

Question 35

How did Bad Rabbit ransomware disguise itself to infect systems?

Answer 35

As a Flash update in a drive-by download.

Question 36

What group is responsible for the creation of Clop ransomware?

Answer 36

FIN11.

Question 37

What major American company paid ransom due to a DarkSide attack in 2021?

Answer 37

Colonial Pipeline.

Question 38

Which ransomware attack caused over $10 million in damages to the City of Atlanta?

Answer 38

SamSam.

Question 39

Which exploit was initially leaked by the Shadow Brokers and used in multiple ransomware attacks?

Answer 39

EternalBlue.

Question 40

Which ransomware primarily targeted small to medium-sized businesses by exploiting weak RDP implementations?

Answer 40

Dharma.

Question 41

How was GoldenEye ransomware typically distributed?

Answer 41

Through malicious Word and Excel file attachments in phishing emails.

Question 42

Name the ransomware that gained access to systems using the EternalRomance exploit.

Answer 42

Bad Rabbit.

Question 43

What distinguishes REvil’s operation style from traditional ransomware?

Answer 43

Its sophisticated affiliate model and extremely high ransom demands.

Question 44

What was a common entry point for Ryuk ransomware?

Answer 44

Remote Desktop Protocol (RDP) and phishing.

Question 45

Which organization experienced data leaks as part of Maze ransomware’s double extortion tactic?

Answer 45

Cognizant.

Question 46

Which ransomware often arrived after TrickBot infections and targeted high-profile victims?

Answer 46

Conti.

Question 47

Define ‘living off the land’ techniques in ransomware attacks.

Answer 47

Using native tools like PowerShell to avoid detection.

Question 48

Which ransomware group claimed earnings over $2 billion before shutting down?

Answer 48

GandCrab.

Question 49

How did TeslaCrypt initially distinguish its targets?

Answer 49

By focusing on gaming files such as save data and downloadable content.