New antiransomware product: RansomFree

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
...But Cybereason believes RansomwareFree has what it takes to lead the charge against ransomware. The desktop program for Windows 7 and up (as well as Windows Server versions 2008 R2 and 2012) uses behavioral analysis instead of regularly updated malware definitions to fight the bad programs. Cybereason took a look at all the ransomware it could find, and analyzed the programs for common characteristics. It then built a program to monitor for those behaviors.

If RansomwareFree finds any such behavior on your system, it flags that program for your review. By default, the program suspends any activity it deems suspicious—even if it’s a legitimate encryption program that has some behavior in common with ransomware. It’s then up to the user to either enable the program, or allow RansomwareFree to permanently quarantine the malware...

read more: This free new software protects your PC against ransomware
 
W

Wave

Hmmm... They need to make sure they keep working because I believe @Wave is developing a BB/HIPS product which should have ransomware protection built-in, also (@Wave correct me if I am wrong) :)
No need for you to be corrected, you are right :) (but of course you already know you are right hahaha)

maybe someone wants to take this new product for a whirl, I mean, try it out and see if it works?
When I set-up my new environment sometime next week I may be able to do some quick testing with the product and see if it is any good at first-glance. I wonder how it will behave against threats like Petya which will target the MBR.
 

Cortex

Level 26
Verified
Top Poster
Well-known
Aug 4, 2016
1,465
Interesting product, not found any documentation regarding any conflicts with other products & I've installed it to see what occurs, so far no problems. I am concerned about some friends who have a basic AV & nothing else: if this product works, should be great for such ones. I consider ransomware to be a huge risk esp. to those who don't image & or have little or no backups. Time will tell :)
 

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,711
Looking forward to see the results of testing on this one. 100% behavioral...my kind of app. Whoever tests this, put it through the worst LOL. The programmers are ex-miliary, so it should be interesting to see what they have come up with.
 

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,711
Strange there is nothing on the GUI but talk about the program. No settings, no controls, nothing for updates...just a few web links and a contact us link. Also, I wonder how they can sell the product commercially if it is this easy to install. No mention of license anywhere that I see. The one GUI pop up is supposed to the about pop up, but no mention of a version anywhere. I see controls to pause, update, and turn off logging on Taskbar right click. That's it basically.

I wonder if they want to show this off to then sell the app to the highest bidder.
 

Av Gurus

Level 29
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 22, 2014
1,767
Hmmm... They need to make sure they keep working because I believe @Wave is developing a BB/HIPS product which should have ransomware protection built-in, also (@Wave correct me if I am wrong) :)
Hmmm... They need to make sure they keep working because I believe @Wave is developing a BB/HIPS product which should have ransomware protection built-in, also (@Wave correct me if I am wrong) :)

I would like to hear more about that @Wave.
 

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,711
This app drops some strange folders around. The one on the desktop is titled "Please don't remove me as I am here to help Cyberreason protect your computer". I opened the folder and everything looks like you've been hit with a ransomeware attack :eek:. After I pulled my heart back in my body, I realized that it could be part of the app and then found more folders in the Documents area. The files inside each folder were one each of all kinds of files. So what, the program makes these files the targets of the ransomeware? idk. Kind of creepy to look at for the first time though. I think hidden files have to be set to show to see the folders.

I have docs in other places, so I wondered if they would be protected with this setup. I noticed the folder(s) wasn't present in them. If anyone has this installed, you might check secondary drives to see if the folder is there too. I forgot to look before I unistalled. Not jumping off here, gonna wait to hear more about the app I think.
 

DardiM

Level 26
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
May 14, 2016
1,597
This app drops some strange folders around. The one on the desktop is titled "Please don't remove me as I am here to help Cyberreason protect your computer". I opened the folder and everything looks like you've been hit with a ransomeware attack :eek:. After I pulled my heart back in my body, I realized that it could be part of the app and then found more folders in the Documents area. The files were one each of all kinds of files. So what, the program makes these files the targets of the ransomeware? idk. Kind of creepy to look at for the first time though. I think hidden files have to be set to show to see the folders.

I have docs in other places, so I wondered if they would be protected with this setup. If anyone has this installed, you might check secondary drives to see if the folder is there too. I forgot to look before I unistalled. Not jumping off here, gonna wait to hear more about the app I think.
How to spread a new malware ? Saying it is a new anti-malware !? :rolleyes:
I hope all of you that will test the app have first saved all your data :)
 
W

Wave

I would like to hear more about that @Wave.
I don't want to hijack this thread and I am unable to make an official thread announcement here yet (especially since the product is not ready for public sharing yet), however more details may be on their way soon (either before the New Year or shortly afterwards).

I would love to give you an ETA for a public release however it's important that development is not rushed because this will just cause problems and I take my work seriously, the last thing I want to do is release something half-complete... I'd rather make it as close to perfect as I can, even if it just a beta release (the less bugs and more functionality the better). However, what I can tell you is that I expect it to be soon.

An example of some functionality which is already integrated into my upcoming product would be: protecting the Master Boot Record against unauthorized modifications; preventing programs from creating new start-up entries; preventing running programs from injecting into others without permission; the list can go on.

Therefore, the user can enable specific protection features from the settings area, and when this activity is triggered the user can receive an alert to allow/block that program from performing the actions, or they can just set to auto-allow/auto-block programs from performing specific actions based on custom rules on the settings area.

The above is just a basic, non-detailed example... However the product is a work-in-progress and these things take time to develop, but hopefully the public will be seeing it sometime soon!
 

Av Gurus

Level 29
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 22, 2014
1,767
I don't want to hijack this thread and I am unable to make an official thread announcement here yet (especially since the product is not ready for public sharing yet), however more details may be on their way soon (either before the New Year or shortly afterwards).

I would love to give you an ETA for a public release however it's important that development is not rushed because this will just cause problems and I take my work seriously, the last thing I want to do is release something half-complete... I'd rather make it as close to perfect as I can, even if it just a beta release (the less bugs and more functionality the better). However, what I can tell you is that I expect it to be soon.

An example of some functionality which is already integrated into my upcoming product would be: protecting the Master Boot Record against unauthorized modifications; preventing programs from creating new start-up entries; preventing running programs from injecting into others without permission; the list can go on.

Therefore, the user can enable specific protection features from the settings area, and when this activity is triggered the user can receive an alert to allow/block that program from performing the actions, or they can just set to auto-allow/auto-block programs from performing specific actions based on custom rules on the settings area.

The above is just a basic, non-detailed example... However the product is a work-in-progress and these things take time to develop, but hopefully the public will be seeing it sometime soon!

Need beta testers?
:)
Does it have something similar with Hardening Config or is it something complitly diferent?
(My english is sooooo bad :confused:)
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top