One-Click-Ransomware - How to protect against?

Der.Reisende

Dec 27, 2014
According to this article in the German magazine "Heise", there's a new site (Tox) making it pretty easy to produce new ransomware viruses. As each of them is unique, there might not be an AV signature at the time it might arrive on the computer.

So how to protect myself against this new threat? Or is it just scaremongering?

As to protection, my laptop is equipped with Kaspersky IS 2015, MBAM Pro, Hitman Pro + Alert; updates/sigs for each software as well as Win 8.1 are installed as soon as they appear (usually).

Scans are regularly done.

I use eM-Client to receive my mails, and move all unknown / suspicious mails to spam to blacklist them and delete them afterwards (without opening).

Browser is current Chrome with AdBlock Plus, LastPass, WOT, HTTPS Everywhere and KIS Plugin activated.

Looking forward to your reply.

P.S.: Here's the link to the article (German though):
http://www.heise.de/security/meldun...assgeschneiderte-Krypto-Trojaner-2668860.html
 

Deleted member 21043

Hello @Der.Reisende

Truth be told, you are the first line of defense in preventing Ransomware attacks. This can be from browsing habits to what devices you plug into your system (the device may be infected). In case of Autorun infections, you can disable Autorun.

Your Antivirus/Antimalware products come second in the line of defense, but there is a chance they will be unable to prevent the attack - either they do not have a detection for the specific sample, or the BB/HIPS or any other zero-day components are not strong and mature enough to pick up the malicious behaviour and block the attack.

You can start by not visiting websites aimlessly, only visit websites which you trust. If you receive a URL in an E-mail or over a chat program like Skype from a friend/family member, check it before you click the URL... How do you know your friends/family members aren't infected, thus the malicious software automatically sending you the message?

Do not download things aimlessly. If you are unsure of a download, you can check the detection ratio at https://www.virustotal.com/. If there are no detections but you are still unsure and do not trust the newly downloaded program, you can use a Sandbox: http://www.sandboxie.com/

You can use software like Shadow Defender instead if you feel the need - then when an infection occurs, you can solve it very quickly. You can read more about the product at the official website: http://www.shadowdefender.com/

TIP: Do not allow programs to run with Administrative Privileges without doing research on the program/software.

Always make sure to make a backup of your system. If you end up with a Ransomware infection, paying the ransom in my opinion is not recommended because this will encourage the hacker to continue distributing Ransomware samples and actually rewards them for their dark actions. If your important files were not backed up, however, and then become encrypted, you'll be a bit stuck. Keeping a backup of your system at all times will help you out in that situation, since you'll have a backup of your files in a safe place to bring out after cleaning the infection.

You could look into Paragon Backup & Recovery. There is a free option available: https://www.paragon-software.com/home/br-free/

NOTE: I wrote this without taking note of what software you have for your configuration and your habits. So if you already follow something I wrote above, then do not worry. As for your configuration (Kaspersky, Malwarebytes, HitmanPro + Alert), I think it's good.

Cheers. ;)
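
The reply above suggests disabling Autorun. The following is an added example, not part of either post: a PowerShell script that audits the standard Windows `NoDriveTypeAutoRun` policy value and can set it machine-wide. The `-Enforce` switch is this script's own parameter, and writing under HKLM assumes an elevated prompt.

```powershell
# Added example: audit (and optionally enforce) the "disable Autorun" policy.
# NoDriveTypeAutoRun is a bitmask of drive types; 0xFF covers every type.
[CmdletBinding(SupportsShouldProcess)]
param(
    [switch]$Enforce   # hypothetical switch for this example: write the HKLM value
)

$valueName = 'NoDriveTypeAutoRun'
$allDrives = 0xFF
$keys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
)

foreach ($key in $keys) {
    # Missing key or missing value both come back as $null.
    $current = (Get-ItemProperty -Path $key -Name $valueName -ErrorAction SilentlyContinue).$valueName
    $disabled = ($null -ne $current) -and (($current -band $allDrives) -eq $allDrives)
    $shown = if ($null -ne $current) { '0x{0:X2}' -f $current } else { '(not set)' }

    # Report the state of each hive as an object so it can be piped or exported.
    [pscustomobject]@{
        Key             = $key
        Value           = $shown
        AutorunDisabled = $disabled
    }

    # Only the machine-wide policy is written; the per-user hive is audit-only here.
    if ($Enforce -and -not $disabled -and $key -like 'HKLM:*') {
        if ($PSCmdlet.ShouldProcess($key, "Set $valueName to 0xFF")) {
            if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
            New-ItemProperty -Path $key -Name $valueName -PropertyType DWord `
                -Value $allDrives -Force | Out-Null
        }
    }
}
```

Run it without arguments to see the current state, or with `-Enforce -WhatIf` to preview the change before applying it.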
 