What is the primary function of crypto-ransomware?

The primary function of crypto-ransomware is to encrypt files on the infected system and demand a ransom for the decryption key. This type of malware targets user files, making them inaccessible by encrypting them with strong cryptographic algorithms. Once the files are encrypted, the attacker typically displays a ransom note that instructs the victim on how to pay in exchange for the decryption key. This method exploits the victim's urgency to regain access to valuable data, often leading them to comply with the ransom demands.

In contrast, other options pertain to different types of malicious activities. For instance, spreading spam emails aligns more closely with malware designed for phishing or distribution rather than a ransom scenario. Similarly, stealing sensitive information can characterize data breaches focused on information theft rather than file encryption. Creating a backdoor primarily serves purposes related to ongoing unauthorized access rather than the immediate extortion characteristic of ransomware.