App Review Vindows Locker Ransomware Demonstration

[MalwareBlockerYT]

Hi all,

Vindows Locker Ransomware! Tech Support Scamming taken to the next level For more details please watch the video

Link to Decryptor: https://malwarebytes.app.box.com/s/gdu18hr17mwqszj3hjw5m3sw84k8hlph



Thanks for watching All appropriate feedback is appreciated & watch out for my Messing With Malware Christmas Special video coming soon!

 

[MalwareBlockerYT]

It's finished uploading now!

 

[ForgottenSeer 56325]

Were you using a VPN while doing this test?

 

[Tony Cole]

It's a shame a lot of home users probably have one computer, have no clue what ransomware is, let alone which one it is. So, they are stuck, and end-up paying the money as they want their files back. I'd ring it and waste their time!!!!

P.S. are you saying that Comodo's signatures are crap, that's not very PC - LOL!!!!!!

 

[MalwareBlockerYT]

Were you using a VPN while doing this test?

Yes I was but not on the VM just on my Host PC. When I do normal AV Tests I use a VPN on both the Host & VM.

It's a shame a lot of home users probably have one computer, have no clue what ransomware is, let alone which one it is. So, they are stuck, and end-up paying the money as they want their files back. I'd ring it and waste their time!!!!

P.S. are you saying that Comodo's signatures are crap, that's not very PC - LOL!!!!!!

Yeah it is a shame & a serious problem for less advanced users. Also Comodo's signatures aren't great but they're not that bad - not like many of the other AVs shown to not detect this file.

 

[Tony Cole]

I thought Dr.Web was suppose to be very powerful. In my humble opinion Comodo is crap!

 

[MalwareBlockerYT]

I thought Dr.Web was suppose to be very powerful. In my humble opinion Comodo is crap!

I have tested Dr. Web & it's not bad but Comodo needs to improve it's signatures for sure. Comodo has some great features - Firewall, Sandbox, etc but the developers need to work on a few things.

 

[Anker_by]

I have tested Dr. Web & it's not bad but Comodo needs to improve it's signatures for sure. Comodo has some great features - Firewall, Sandbox, etc but the developers need to work on a few things.

Thats why i use only comodo firewall with avast..great video!

 

[MalwareBlockerYT]

Thats why i use only comodo firewall with avast..great video!

That is a good combination Comodo Firewall works well with most AVs but Comodo + Avast equals

 

[Der.Reisende]

Thank you for another great vid @MalwareBlockerYT, I really enjoyed watching

 

[MalwareBlockerYT]

Thank you for another great vid @MalwareBlockerYT, I really enjoyed watching

Thanks you for watching & for the positive feedback

 

[AtlBo]

Excellent video. Just to say so, I guess I would like to see more on rootkits if you ever have an opportunity. I read they are the hardest to detect and also the most difficult to remove. I see many instances where anti- decide to recommend reinstalling windows.

 

[Wave]

I read they are the hardest to detect and also the most difficult to remove

He can probably do a video on some malicious software which will utilize some rootkit functionality (e.g. Zeus, Carberp and SpyEye all had a rootkit component embedded within them to conceal evidence), but for him to do it with a brand new zero-day sample would most likely be a difficult task since it's less common to bump into deadly rootkits these days (as with bootkits), and due to how a rootkit works, you can never be sure on what it actually does unless you have the original launcher to analyse the modifications... Otherwise it's just a guessing game of searching for hooks and modifications with kernel structures and what not.

 

[MalwareBlockerYT]

Excellent video. Just to say so, I guess I would like to see more on rootkits if you ever have an opportunity. I read they are the hardest to detect and also the most difficult to remove. I see many instances where anti- decide to recommend reinstalling windows.

Thanks & I plan to look at a Rootkit in the Christmas Special video & maybe a Keylogger too

He can probably do a video on some malicious software which will utilize some rootkit functionality (e.g. Zeus, Carberp and SpyEye all had a rootkit component embedded within them to conceal evidence), but for him to do it with a brand new zero-day sample would most likely be a difficult task since it's less common to bump into deadly rootkits these days (as with bootkits), and due to how a rootkit works, you can never be sure on what it actually does unless you have the original launcher to analyse the modifications... Otherwise it's just a guessing game of searching for hooks and modifications with kernel structures and what not.

Yeah I'm sure I can find an old Rootkit lying around somewhere...

 

[MalwareBlockerYT]

Several people have said to me on Youtube via the comments/messages that the file I took a look at is a fake/joke application used to get scammers to look at their PCs but this is not the case:

VindowsLocker Ransomware Mimics Tech Support Scam, Not the Other Way Around

 

[Tony Cole]

That's what I really do not understand; Comodo has an excellent firewall and excellent virtualization yet if they'd cut the crappy lies and almost conspiracy theorist ideologies they could be very good. They offer technology even the best do not, some are probably the future of the AV industries arsenal of cyber weapons against the bad guys.

 

[TheMalwareMaster]

Comodo mostly relys on their sandbox and they don't usually have good signatures

 

[RoboMan]

Really nice video. It's clear you really enjoy testing and sharing with us, and that's what creates a great tester. Enthusiasm for his work. If i could suscribe again i would do! Great job!

 

[MalwareBlockerYT]

Really nice video. It's clear you really enjoy testing and sharing with us, and that's what creates a great tester. Enthusiasm for his work. If i could suscribe again i would do! Great job!

Thanks RoboMan

 

[RejZoR]

I've concluded based on my own test that Comodo Viruscope is also rather poor. I mean, I got WAY better results with both the new AVG Beta and Kaspersky AV 2017 using solely behavior analysis. Comodo only detected few of them. Not to mention their continuous, never ending problems with unreliable servers and services.