Once a computer is infected, their files will be encrypted and have the .kk extension appended to encrypted files.
Jump to content
Posted 16 August 2017 - 10:52 AM
Posted 28 August 2017 - 03:46 PM
When I have to use windows I go with PRO not home and use software restriction policies. These will block this kind of stuff. For people running home or those who prefer not to manager SRP rules use cryptoprevent or something similar. Running a default deny with srp can keep the rules on the lite side and do a good job. Cryptoprevent and similar use paths, hashes and watch files. Good stuff but can cause unexpected issues, slow log on times and so on.
So far it looks like sonicwall Gateway av can catch this one but not seeing any mention of it on my preferred AV vendor - webroot - site.
0 members, 0 guests, 0 anonymous users