- Sep 2, 2021
- 2,648
Be careful with FS. The intrinsic ransomware protection leaves a bit to be desired from time to time, even though files encrypted were within protected folders (eg Pony). Better to use it with CF- at least here the encrypted files will only be within containment.
I'm bouncing on this, I just tested...
I didn't use Pony because the dropper didn't work unfortunately.
For this test, I got a dropper from the Pandora Ransomware.
I then modified the file a little bit (if you knew any, I repacked the malware with a Confuser) . F-Secure Database and DeepGuard did not block.
Honever, the anti-ransomware protection was useless. MP3 file, txt file and jpg file were encrypted....