While starting with Ransomware Attacks, firstly we should know
"What is Ransomware? "
-> Ransomware is a type of malocious software /malware software that is designed to block access to the computer system or computer files and it encrypts the computer files and makes it inaccessible, demands a payment to restore access of a computer system.
Top Ransomware Attacks are :
TeslaCrypt was a Ransomware Trojan, which targets the video game files, saves player data/profiles, maps, games mods, etc. This Trojan not focused on computer games but also encrypted images, pdf, words and more and this all things stored on a victim's hard drives. This Trojan demand to pay $500 worth of bitcoins to restore data (i.e after payment they provide key to decrypt the files). The malware-infected computers via the Angler Adobe Flash exploit. By 2016, TeslaCrypt made 48 percent of ransomware attacks. It is impossible to restore files without help from the malware's creators. In May 2016, shockingly the developers of TeslaCrypt shut down the ransomware and provide the master decryption key.
WannaCry is the worst attack(12 May 2017) that targeted computer running on Microsoft Windows Operating System that encrypts the whole data and demanding a ransom payment in Bitcoin cryptocurrency. This is also considered a network worm because it automatically spread itself and it uses transport code to scan for vulnerable systems and then gain access by using EternalBlue which leaked by a group called The Shadow Brokers and DoublePulsar tool to install and automatically make a replica of itself and spread. It estimated that WannaCry affects more than 200,000 computers across 150 countries and which estimate a loss of millions to billion dollars. In December 2017, it formally asserted that North Korea was behind the attack and WannaCry ransomware shut down within a few days while releasing the emergency patches by Microsoft.
After WannaCry, NotPetya was released in March 2016, it was first seen in 2016, propagated via infected email attachments and targets the computers running on Microsoft Windows Operating System and infects the master boot record to encrypts hard drives files system and prevents Windows from booting. And they demand a user to make a payment in Bitcoin to restore the data and get access to the computer system. In 2017, the new variant of NotPetya used a global cyberattack targeting Ukraine via EternalBlue which believed that have been developed by NSA. This variant is modified so it unable to revert its own changes.
Ryuk is another ransomware which hit big in 2018 and 2019, its victims being chosen specifically as organizations with little tolerance for downtime. Ryuk habit it to disable Windows restores system option on infected computers because that makes more difficult to get encrypted data without paying the ransom. It is believed that the Ryuk source code is derived from Hermes which is a product of North Korea Lazarus Group. It will not execute on computers whose language set to Russian, Ukrainian.