PayPal Wins Patent for Ransomware Detection Solution


Global payment processing platform PayPal has been awarded a patent for a technique that can help with the timely detection and reduction of ransomware attacks. Ransomware is a form of malware that takes over the victim’s computer, locks up the files on it and demands a ransom, often to be paid in cryptocurrency, before the files can be accessed again.

“Frequently, the malicious party will demand that the user pay him some amount of anonymous crypto-currency (e.g., BitCoin) in order to have the user’s files decrypted so that they are accessible again,” per the description of PayPal’s patent, which was filed with the United States Patent and Trademark Office almost three years ago and was awarded on April 16, 2019. “If the user does not pay, then the files may remain encrypted and inaccessible.”

The patent details how the company, and by extension computer users, can detect and prevent ransomware from locking up certain files with the use of existing system data.

The technique will distinguish between two pieces of content loaded in the cache of a computer system, comparing the two to determine if a version has been altered and encrypted. If this is found to be true, the version that is yet to be altered will be prevented from being deleted by the ransomware. Essentially, it will see to it that the original content is still accessible, even if the ransomware has affected the altered version.

“By detecting that ransomware is operating on a computer (e.g., by correlating between the original data and content in different cache layers), the negative effects of the ransomware may be mitigated or avoided,” according to the patent abstract.
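One way to picture the comparison described above, as an added example that is not from the patent or from PayPal. The article does not say how an altered copy is judged to be encrypted, so this sketch assumes a Shannon-entropy test; `CacheGuard`, `looks_encrypted`, `pseudo_ciphertext` and the 7.5 bits/byte threshold are hypothetical.

```python
import hashlib
import math
from collections import Counter

ENTROPY_THRESHOLD = 7.5  # bits/byte; assumed cut-off, not taken from the patent

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def looks_encrypted(original: bytes, altered: bytes) -> bool:
    """True when the altered copy differs and has jumped to near-random entropy."""
    if original == altered:
        return False
    return (shannon_entropy(original) < ENTROPY_THRESHOLD
            and shannon_entropy(altered) >= ENTROPY_THRESHOLD)

class CacheGuard:
    """Hypothetical stand-in for the cache layers: keeps the earlier copy of an
    item and refuses to evict it once the newer copy looks encrypted."""
    def __init__(self):
        self.originals = {}     # name -> last known-good content
        self.protected = set()  # names whose original must not be deleted

    def write(self, name: str, content: bytes) -> bool:
        """Record a write; return True if it was flagged as suspicious."""
        previous = self.originals.get(name)
        if previous is not None and looks_encrypted(previous, content):
            self.protected.add(name)  # keep the unaltered version
            return True
        self.originals[name] = content  # first write or benign edit
        return False

    def evict(self, name: str) -> bool:
        """Drop the kept copy unless protected; return True if dropped."""
        if name in self.protected:
            return False
        return self.originals.pop(name, None) is not None

def pseudo_ciphertext(length: int) -> bytes:
    """Constructed high-entropy sample (SHA-256 in counter mode)."""
    blocks = (hashlib.sha256(i.to_bytes(4, "big")).digest()
              for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]
```

Entropy alone also fires on legitimately compressed or encrypted files and cannot reach the threshold on very short content, so it is one signal to correlate with others rather than a verdict.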

Ransomware attacks have become increasingly frequent with devastating effects. The inability to access valuable data is particularly detrimental to large companies.

A report from RT noted the steps that major corporations have been taking to prepare for ransomware attacks. Attackers have been known to demand bitcoin payments in exchange for releasing locked data because of the perceived anonymity of crypto transactions. RT reported that, due to this trend, companies have been silently piling up BTC to ensure that they can make these payments in the event of a ransomware attack.