App Review Bitdefender IS 2017 vs. NonPetya - quickie

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.

Evjl's Rain

according to my previous test, BD's ATC and ransomware protection block 100% of other ransomwares I threw in. It only missed MBR ransomwares

therefore, we should not blame BD too much :))
BD + MBRfilter can probably prevent 100% or 99.9% of ransomwares
 

cruelsister

If I had to choose to only use an AV (God Spare Me), I would choose Avast. The reason behind this would be simply a better time to detection rate of Avast over BD. Both would probably be the same for D+1 malware, but in the first few hours Avast is superior (it's embarrassing to admit that I still track such things!).

But to be fair to BD, NotPetya is not in its wheelhouse. They are more interested (and rightfully so) in stopping actual file encryption and NOT things like MBR and/or MFT trashers. Also one must note that although Evjl's most excellent video is valid in this case, it would not be for a typical file encrypting ransomware as BD uses Cloud Analysis to stop such things from being successful, so shutting down the Network connection would not yield a valid result.
 

Parsh

Also one must note that although Evjl's most excellent video is valid in this case, it would not be for a typical file encrypting ransomware as BD uses Cloud Analysis to stop such things from being successful.
I agree that cloud (among the different modules) could have protected from this kind of attack, like in many cases of Kaspersky ART. Thanks for another superb vid @Evjl's Rain ;)
What I've seen frequently with different RW samples (normal mode of execution, either downloaders or direct payload), BIS'17 & BTS'18 Beta often find new variants as infected via cloud analysis / definitions OR the ATC kicks in intercepting suspicious modes of initiation of malicious activity OR the RW protection blocks the process for modifying the protected folders in uncalled-for ways.
In some cases, there is a mix of alerts at close stages, example in case of HP Cerber as I can remember.

RW protection and ATC (or Threat Defense in 2018B) are quite aggressive, often flagging the wrong things. Unfortunately BD doesn't stand well against vectors like in this video. No doubt Boot Protection had nothing to do here.
As rightly said:
They are more interested (and rightfully so) in stopping actual file encryption and NOT things like MBR and/or MFT trashers.
 

ras74

The AntiRansomware module will protect against encrypting files by a process running under Windows. Petya uses a different mechanism.
In the video Bitdefender was partly disabled and not updated. It was not designed to be used this way, since it's not a policy based AV solution.

Best regards,
Andrei Cimpeanu
Technical Support Team Leader
 

mekelek

The AntiRansomware module will protect against encrypting files by a process running under Windows. Petya uses a different mechanism.
In the video Bitdefender was partly disabled and not updated. It was not designed to be used this way, since it's not a policy based AV solution.

Best regards,
Andrei Cimpeanu
Technical Support Team Leader
I kinda agree but at the same time he kinda undermines his product's ability to stop a ransomware if it doesn't have a sig.
 

Evjl's Rain

The AntiRansomware module will protect against encrypting files by a process running under Windows. Petya uses a different mechanism.
In the video Bitdefender was partly disabled and not updated. It was not designed to be used this way, since it's not a policy based AV solution.

Best regards,
Andrei Cimpeanu
Technical Support Team Leader
that's the best I can do to simulate a situation before the appearance of nonpetya when there was no signature from BD for it
I also tested with the fully updated product but only ATC and ransomware protection enabled, it also couldn't block

I doubt that BD protects users only by signatures against nonpetya. We know that signatures and heuristics are not enough against new threats. ATC even in aggressive level couldn't block it. This means when nonpetya attacks a PC protected by BD, it may infect the machine
 

ras74

that's the best I can do to simulate a situation before the appearance of nonpetya when there was no signature from BD for it
I also tested with the fully updated product but only ATC and ransomware protection enabled, it also couldn't block

I doubt that BD protects users only by signatures against nonpetya. We know that signatures and heuristics are not enough against new threats. ATC even in aggressive level couldn't block it. This means when nonpetya attacks a PC protected by BD, it may infect the machine


Generic signatures can help a great deal against new ransomware. The only way you can say for certain that Bitdefender will or will not protect against a brand new ransomware is to wait for someone to create it and see.

Best regards,
Andrei Cimpeanu
Technical Support Team Leader
 

fredoo

Hello,

Can you please test the Internet Security 2018 version? The ransomware protection has been improved ....

Thanks.
 

Evjl's Rain

Hello,

Can you please test the Internet Security 2018 version? The ransomware protection has been improved ....

Thanks.
hello, sorry but I won't be able to test it anytime soon due to my university schedule

I may try to test Bd 2018 against MBR ransomwares to see if there is any fix or not
 
