Free Bitdefender tool prevents Locky, other ransomware infections...

Discussion in 'other anti-malware software' started by hawki, Mar 29, 2016.

  1. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    1,954
    Location:
    DC Metro Area
    "Crypto-Ransomware Vaccine
    Released



    Bitdefender anti-malware researchers have released a new vaccine tool which can protect against known and possible future versions of the CTB-Locker, Locky and TeslaCrypt crypto ransomware families.

    “The new tool is an outgrowth of the Cryptowall vaccine program, in a way.” Chief Security Strategist Catalin Cosoi explained. “We had been looking at ways to prevent this ransomware from encrypting files even on computers that were not protected by Bitdefender antivirus and we realized we could extend the idea.”

    The new tool is available for download on the

    https://labs.bitdefender.com/blog/

    NB: Installing the new tool appears to uninstall the original version, which apparently has lost most of its effectiveness because of the evolution of Cryptowall. It appears that this new version does not offer protection against the CryptoWall family of ransomeware.

    http://www.pcworld.com/article/3049...mware-infections-for-now.html#tk.rss_security
     
    Last edited by a moderator: Mar 29, 2016
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,010
    Location:
    The Netherlands
    I don't get it, so this new version only protects against 3 specific ransomware variants, and the old one lost its effectiveness? Sounds a bit crappy to me, and it doesn't make use of behavior blocking methods like WAR, MBARW and HMPA.
     
  3. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    I can't make sense of it either and I can't find a changelog.
     
  4. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    1,624
    Location:
    Toronto, Canada
    All this does is tricks those 3 particular stains into thinking that they have already encrypted your files. Bad idea, in my opinion. This only covers those 3 current strains; old strains and future strains would blow right by this. I think that this would even provide users with a false sense of security.
     
  5. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,237
    I'm can only presume it will be updated to offer better protection in the future. I'm checking for updates to it every day, so I can update it as soon as a new version is released.
     
  6. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    Have you had a look at CryptoPrevent?
     
  7. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,237
    @Victek I just took a quick look at it, and I am worried that maybe it might prevent some legitimate software from running.
     
  8. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    FYI I've been using it for almost a year and haven't experienced any issues with it set at the default "set and forget" level. At the maximum protection level it warns that it may be necessary to temporarily turn it off in order to install or uninstall software; I haven't tried running it at that level to see how/if it gets in the way. I just run HMP.A along with it for additional, active protection.
     
  9. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    1,624
    Location:
    Toronto, Canada
    @roger_m With CryptoPrevent, you can also create many finely tuned SRP rules with their SRP editor. It also has options to deal with any legitimate software that needs to run from user directories as well, whether that be updates or whatever. I would definitely recommend CryptoPrevent over this tool from Bitdefender as it is currently.
     
  10. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    4,085
    Bitdefender releases free antiransomware tool
    http://www.softwarecrew.com/2016/03/bitdefender-releases-free-antiransomware-tool/

     
  11. daman1

    daman1 Registered Member

    Joined:
    Mar 27, 2009
    Posts:
    758
    Location:
    MICHIGAN,USA
    Right and what would you expect from FREE.
     
  12. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    I'm not sure what you mean. Regardless whether or not a tool is free it's important to know what its capabilities and limitations are. Regarding anti-ransomeware in particular, only software that provides the best protection possible is acceptable IMHO.
     
  13. daman1

    daman1 Registered Member

    Joined:
    Mar 27, 2009
    Posts:
    758
    Location:
    MICHIGAN,USA
    I agree but how many free tools out there give you full protection.
     
  14. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    Of course you are correct; many free tools do not give full protection and it is a mistake for users to expect them to. Personally I don't try to get by with free security software; those who do should do their homework. :)
     
  15. daman1

    daman1 Registered Member

    Joined:
    Mar 27, 2009
    Posts:
    758
    Location:
    MICHIGAN,USA
    Correct :thumb:
     
  16. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,010
    Location:
    The Netherlands
    Yes, it's not advanced protection, I wonder why Bitdefender doesn't offer a more robust solution.
     
  17. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    They probably do in their paid products. This is a freebee. You get what you pay for.
     
  18. daman1

    daman1 Registered Member

    Joined:
    Mar 27, 2009
    Posts:
    758
    Location:
    MICHIGAN,USA
    I'm sure they do in there paid AV suites
    Correct, freebees will always be stripped down versions.
     
  19. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,010
    Location:
    The Netherlands
    The problem is that if this tool fails to protect, it might hurt Bitdefender's image.
     
  20. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    550
    Location:
    Baden Germany
    If set to start with windows and minimize to tray, there is no icon in tray, after reboot.
    If then started from start menu, there is no more GUI, nor a tray icon, although the service is running.

    Anyway, I installed it on a WIN7-64 machine, only to see how it does.
    I don't aspect this to be a protection from modified cryptoware.
    To simple approach, to last more than a few days...
     
  21. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,237
    I don't want to have to got to the trouble of creating rules. I'm using the tool from Bitdefender as all I had to do was install it, and nothing else.

    I believe I'm already quite well protected anyway with VoodooShield and HMP.Alert.
     
Loading...