Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
SecureMyBit vs Cerber 3 Ransomware
Message
<blockquote data-quote="Wave" data-source="post: 560144"><p>Nice work on your project, the video is well-done! <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite109" alt=":)" title="Smile :)" loading="lazy" data-shortname=":)" /></p><p></p><p>I have an idea for your project: when you encrypt files, assign each encrypted file with a different randomly generated custom extension (for example, minimum 5 characters long including some sort of ID number and use of random characters). This way it would be extremely tricky (if not then impossible) for any ransomware sample to specifically single out on a file scan or target files which have been encrypted by your tool! (it would only have to guess if the file is encrypted altogether, via Entropy for example, as opposed to being able to know if it was SMB or not).</p><p></p><p>It's just an idea. As long as you don't inject any bytes into the encrypted files which can be used as an identification of SMB encryption (or any specific guaranteed file-name modifications to encrypted files which is recursive in your product - e.g. if you made every encrypted file have the filename "SMB_<rest of the file name>" then it could be used as an identifier) it could work out well and nicely if implemented correctly. <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite109" alt=":)" title="Smile :)" loading="lazy" data-shortname=":)" /></p></blockquote><p></p>
[QUOTE="Wave, post: 560144"] Nice work on your project, the video is well-done! :) I have an idea for your project: when you encrypt files, assign each encrypted file with a different randomly generated custom extension (for example, minimum 5 characters long including some sort of ID number and use of random characters). This way it would be extremely tricky (if not then impossible) for any ransomware sample to specifically single out on a file scan or target files which have been encrypted by your tool! (it would only have to guess if the file is encrypted altogether, via Entropy for example, as opposed to being able to know if it was SMB or not). It's just an idea. As long as you don't inject any bytes into the encrypted files which can be used as an identification of SMB encryption (or any specific guaranteed file-name modifications to encrypted files which is recursive in your product - e.g. if you made every encrypted file have the filename "SMB_<rest of the file name>" then it could be used as an identifier) it could work out well and nicely if implemented correctly. :) [/QUOTE]
Insert quotes…
Verification
Post reply
Top