"Crypto-Ransomware Vaccine Released Bitdefender anti-malware researchers have released a new vaccine tool which can protect against known and possible future versions of the CTB-Locker, Locky and TeslaCrypt crypto ransomware families. “The new tool is an outgrowth of the Cryptowall vaccine program, in a way.” Chief Security Strategist Catalin Cosoi explained. “We had been looking at ways to prevent this ransomware from encrypting files even on computers that were not protected by Bitdefender antivirus and we realized we could extend the idea.” The new tool is available for download on the https://labs.bitdefender.com/blog/ NB: Installing the new tool appears to uninstall the original version, which apparently has lost most of its effectiveness because of the evolution of Cryptowall. It appears that this new version does not offer protection against the CryptoWall family of ransomeware. http://www.pcworld.com/article/3049...mware-infections-for-now.html#tk.rss_security
I don't get it, so this new version only protects against 3 specific ransomware variants, and the old one lost its effectiveness? Sounds a bit crappy to me, and it doesn't make use of behavior blocking methods like WAR, MBARW and HMPA.
All this does is tricks those 3 particular stains into thinking that they have already encrypted your files. Bad idea, in my opinion. This only covers those 3 current strains; old strains and future strains would blow right by this. I think that this would even provide users with a false sense of security.
I'm can only presume it will be updated to offer better protection in the future. I'm checking for updates to it every day, so I can update it as soon as a new version is released.
@Victek I just took a quick look at it, and I am worried that maybe it might prevent some legitimate software from running.
FYI I've been using it for almost a year and haven't experienced any issues with it set at the default "set and forget" level. At the maximum protection level it warns that it may be necessary to temporarily turn it off in order to install or uninstall software; I haven't tried running it at that level to see how/if it gets in the way. I just run HMP.A along with it for additional, active protection.
@roger_m With CryptoPrevent, you can also create many finely tuned SRP rules with their SRP editor. It also has options to deal with any legitimate software that needs to run from user directories as well, whether that be updates or whatever. I would definitely recommend CryptoPrevent over this tool from Bitdefender as it is currently.
Bitdefender releases free antiransomware tool http://www.softwarecrew.com/2016/03/bitdefender-releases-free-antiransomware-tool/
I'm not sure what you mean. Regardless whether or not a tool is free it's important to know what its capabilities and limitations are. Regarding anti-ransomeware in particular, only software that provides the best protection possible is acceptable IMHO.
Of course you are correct; many free tools do not give full protection and it is a mistake for users to expect them to. Personally I don't try to get by with free security software; those who do should do their homework.
If set to start with windows and minimize to tray, there is no icon in tray, after reboot. If then started from start menu, there is no more GUI, nor a tray icon, although the service is running. Anyway, I installed it on a WIN7-64 machine, only to see how it does. I don't aspect this to be a protection from modified cryptoware. To simple approach, to last more than a few days...
I don't want to have to got to the trouble of creating rules. I'm using the tool from Bitdefender as all I had to do was install it, and nothing else. I believe I'm already quite well protected anyway with VoodooShield and HMP.Alert.