Bitdefender blocks WannaCry

Status
Not open for further replies.

mekelek

Level 28
Verified
Well-known
Feb 24, 2017
1,661

Duotone

Level 10
Verified
Well-known
Mar 17, 2016
457
This AV detects wannacry, that AV blocks Wannacry...How many of those AV protected the user on the day this Ransomware outbreak, I do wonder?!

Its now all marketing gimmicks...:D
 
  • Like
Reactions: Captain Awesome

Xsjx

Level 13
Verified
Feb 21, 2017
613
Last edited by a moderator:

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
WanaCrypt0r勒索病毒:20款杀软主防测试【关于HMPA有新情况】_国外杀毒软件_安全区 卡饭论坛 - 互助分享 - 大气谦和!
no it didn't, from the review of that guy, Avira failed fully to protect the PC.
only KIS, Bitdefender, F-Secure, RansomFree and Dr.Web managed to detect it according to that post.
according to what I understand, most of the products were updated until 12/12/2016, some had more recent databases (1/4/2017 for example for emsisoft)
therefore, this test is valid to test the zero-day component of the AVs and ignored the signatures because the sample should have been detected by most vendors

the AVs which passed the test means they have relatively good BBs or whatever, at least to this sample

EDIT: avira free failed to upload the sample to avira cloud otherwise it could have been blocked. Not sure if pro can do better
 

mekelek

Level 28
Verified
Well-known
Feb 24, 2017
1,661
according to what I understand, most of the products were updated until 12/12/2016, some had more recent databases (1/4/2017 for example for emsisoft)
therefore, this test is valid to test the zero-day component of the AVs and ignored the signatures because the sample should have been detected by most vendors

the AVs which passed the test means they have relatively good BBs or whatever, at least to this sample
yea, that's what i also gathered from the translation google made.

thing is, what's the point of detecting ransomware after it became widespread? it's sad to see how many AV still rely on signatures solely.

not surprised about KIS and BD, but Dr.Web surprised me.
 

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
yea, that's what i also gathered from the translation google made.

thing is, what's the point of detecting ransomware after it became widespread? it's sad to see how many AV still rely on signatures solely.

not surprised about KIS and BD, but Dr.Web surprised me.
yes, I like this kind of test. However, I don't really understand why avast or AVG with IDP/software analyzer could not block it while the test conducted by MT hub showed AVG's software analyzer successfully blocked it. This might be due to the outdated version of IDP or the inconsistency of IDP, I also found while ago
outdated version of zero-day components could have changed the efficacy of the product
I think this should be taken as grain of salt
Dr.Web does have a very good behavioral blocker, confirmed by MT hub but it was a bit lacking against cerber ransomwares
 

kamla5abi

Level 4
Verified
May 15, 2017
178
Hi, I just registered an account now, but have been lurking these forums for quite a long time ;)
Always managed to blow thru [too] many hours of time reading all of the information here o_O:p

After reading this post, i just have 1 question:
Does this apply to BD free too? or only any paid version of BD software?
meaning, does BD 2017 free also have a level of ransomware protection as any BD paid version?


I know on their website when you compare features of free vs paid, it doesnt say "ransomware protection" for the free antivirus product..
--> i read here about separate BD anti-ransomware program (that is free to download separately from their website)
-----> but i also read somewhere on these forums that BD anti-ransomware free software doesn't work that well ?? o_O

Cheers :cool:
 
Last edited:

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Does this apply to BD free too? or only any paid version of BD software?
meaning, does BD 2017 free also have a level of ransomware protection as any BD paid version?

I know on their website when you compare features of free vs paid, it doesnt say "ransomware protection" for the free antivirus product..
--> i read here about separate BD anti-ransomware program (that is free to download separately from their website)
-----> but i also read somewhere on these forums that BD anti-ransomware free software doesn't work that well ?o_O

Cheers :cool:
1/ this is also applied to BD free. WannaCry should be picked up by BD signatures so you don't have to worry
BD free has almost the same level of protection like the paid version in default settings. In paid versions, ransomware protection is turned off by default and advanced threat control is set to Normal
BD free does not have the ransomware protection but it has advanced threat control (ATC), set to an unknown level (low or normal, I don't know, properly normal). Ransomware protection is partially covered by the signatures and ATC. ATC worked well against ransomwares according to my video review. Ransomware protection in paid version helped to block more ransomwares

2/ yes, I'm the one who said BD antiransomware tool did not work. In fact, it is 0% efficacy. I tested 3 times and it never blocked anything. Shame on it
I recommend checkmal appcheck antiransomware or kaspersky antiransomware tool to run alongside BD free. You are well covered
 

DarkJoney

Level 2
Verified
Aug 6, 2014
82
It would be a bit more interesting, if the title was "Bitdefender doesn't block WannaCry" ;)

Xsjx - it doesn't matter who was the first, it's more important that widespread AVs could protect us....
P.S Has Avira still have the same UI like it had at 2008? Still remember this cool days, when my dad was replacing pirate AVP/KIS keys every week, when I was using free Avira...
 

DarkJoney

Level 2
Verified
Aug 6, 2014
82
I know that Hitman Pro Alert, Malwarebytes 3, Emsisoft and Kaspersky blocked this Ransomware without signatures by using behavior blocker technology.
When a antivirus detect a know piece of malware it isnt anything special, it is a obligation (not saying that Bitdefender didnt block proactively).
True. I don't trust to signatures, I respect more advanced tech like Behavior, rank, and HIPS...
 
  • Like
Reactions: Nightwalker

kamla5abi

Level 4
Verified
May 15, 2017
178
1/ this is also applied to BD free. WannaCry should be picked up by BD signatures so you don't have to worry
BD free has almost the same level of protection like the paid version in default settings. In paid versions, ransomware protection is turned off by default and advanced threat control is set to Normal
BD free does not have the ransomware protection but it has advanced threat control (ATC), set to an unknown level (low or normal, I don't know, properly normal). Ransomware protection is partially covered by the signatures and ATC. ATC worked well against ransomwares according to my video review. Ransomware protection in paid version helped to block more ransomwares

2/ yes, I'm the one who said BD antiransomware tool did not work. In fact, it is 0% efficacy. I tested 3 times and it never blocked anything. Shame on it
I recommend checkmal appcheck antiransomware or kaspersky antiransomware tool to run alongside BD free. You are well covered
thank you for your quick answer, yes i think i remember it was you that said BD anti-ransomware free tool is useless :) too bad, as unsuspecting users who download it will think they are protected, but in reality they are wide open :eek:

I have Windows 10 Home 64bit
I used to use BD free until now, but i will clean format my laptop soon (new ssd, laptop few yrs old), so I am researching what security software to use now... Especially since new 0day ransomwares are more and more popular now :eek: Even though I don't install random software or go click happy at shady websites too much, still could get 0day infection from others thru email/school wi-fi network/etc i guess... better to try to be safe against new ransomware, instead of trying to decrypt files after infection..

Was going to just use BD free again, but from reading OP wasn't sure if BD free covers against ransomware at all.

Your post makes sense, that BD free ATC will protect against some [or many?] new ransomwares, but
confirms that BD free doesn't include "ransomware protection" specific module; only BD paid has that (but is turned off by default lol wtf o_O). However, I guess when any ransomware gets a little bit older (few days or so maybe?) then the signature will soon be added into BD signatures, so then even BD free will protect against that ransomware for sure (due to BD free signature protection being equal to BD paid signature protection).

TL;DR...
For 0day/new ransomware: BD free protection (via ATC) is less than BD paid (via "ransomware protection" specific module).
But still very good looks like from yours (and others) video tests :cool:

Cheers and thanks ;)

(unrelated)--------
is website anti-virus4u(dot)com legit to buy AV software? I found some decent discounts thru that for BD paid products (2 laptop, 2 android cell phone) if i just buy paid BD product... maybe theres some other website you guys know of that gives good discount ? I am living in Canada
 

Xsjx

Level 13
Verified
Feb 21, 2017
613
It would be a bit more interesting, if the title was "Bitdefender doesn't block WannaCry" ;)

Xsjx - it doesn't matter who was the first, it's more important that widespread AVs could protect us....
P.S Has Avira still have the same UI like it had at 2008? Still remember this cool days, when my dad was replacing pirate AVP/KIS keys every week, when I was using free Avira...
I have used Avira only this Year so i cant say..
 
  • Like
Reactions: Handsome Recluse

ras74

Level 2
Thread author
Verified
May 11, 2014
60
system infected wannacry with kaspersky 2018 lol
wwkl_tmp_22434-img_20170517_1148461095436894.jpg
 

ras74

Level 2
Thread author
Verified
May 11, 2014
60
Hello, this review is not only your servant, I saw a note space based system and not
Your screenshot does not show much.
It would be interesting if you can post a video that can give us more info about Kaspersky settings, static/dynamic detection and active processes.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top