Karamjit Posted November 10, 2015 Share Posted November 10, 2015 Users can now protect themselves against CryptoWall 4.0A few days ago, the first version of CryptoWall 4.0 was spotted in the wild by malware researchers from Bleeping Computer. The ransomware didn't change too much compared to version 3.0, but it changed enough to cause problems to any detection or prevention systems put out by cyber-security vendors. One of those systems is Bitdefender's CryptoWall Vaccine, a.k.a. the Bitdefender Anti-Ransomware kit. Integrating the changes that CryptoWall 4.0 brought forward, the CryptoWall Vaccine can now prevent infections from getting a foothold on target PCs. As for the CryptoWall Vaccine's efficiency, the name should tell you everything there is to know about it. It's a vaccine, meaning you install it before getting infected, as a way to protect yourself. Once CryptoWall has already encrypted your files, the only choices at your disposal are either using an older backup to recover some of the files or paying the ransom. With CryptoWall 3.0 operators making over $325 million in the past year, they will undoubtedly be determined to continue their criminal operations in the upcoming future. As for the method of infection, CryptoWall 4.0 still relies on phishing campaigns, taking advantage of gullible users. Bitdefender has detected active CryptoWall 4.0 campaigns targeting users in countries like France, Italy, Germany, India, Romania, Spain, US, China, Kenya, South Africa, Kuwait and the Philippines. From Link to comment Share on other sites More sharing options...
straycat19 Posted November 10, 2015 Share Posted November 10, 2015 Another resource to prevent more types of crypto ransomware ishttps://www.foolishit.com/cryptoprevent-malware-prevention/The free version requires you to do manual updates but offers the same protection that the premium version does. Link to comment Share on other sites More sharing options...
stylemessiah Posted November 10, 2015 Share Posted November 10, 2015 Or you could read here (article is 2 years old but still good advice):http://www.welivesecurity.com/2013/12/12/11-things-you-can-do-to-protect-against-ransomware-including-cryptolocker/And use The Cryptolocker Prevention Kit from point number 5 - this is a set of Group Policy Objects that blocks .exe's (including rar sfx archives from running in places they shouldnt and will often unleash the unholy ransomware on you.Or link to The Cryptolocker Prevention Kit here: http://www.thirdtier.net/2013/10/cryptolocker-prevention-kit/Theres also an update to the The Cryptolocker Prevention Kit here: http://www.thirdtier.net/2013/10/cryptolocker-prevention-kit-updates/CryptoPrevent says it does "quasi" GPO, i prefer real onesI have used a custom version of these GPO's for years. Yes you sometimes have to add specific exceptions for legimate installers and updaters (like flash) (read here: http://www.thirdtier.net/2013/10/exempting-a-program-from-software-restriction-policies/),but it also teaches you to keep an eye on things.For serve admins on Microsoft Server theres also a script to automate the same thing: http://www.thirdtier.net/2015/01/cryptolocker-prevention-script-available/ Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.