Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Register a free account to unlock additional features at BleepingComputer.com

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News: GandCrab v5 Ransomware Utilizing the ALPC Task Scheduler Exploit

Featured Deal: Get 92% off The Complete Cisco Network Certification Training Bundle

New type of Anti-Ransomware program.

Started by 34BLEEP00XX , Aug 25 2017 12:51 PM

Please log in to reply

2 replies to this topic

#1 34BLEEP00XX

Members
272 posts
OFFLINE

Gender:Male
Location:Finland
Local time:10:17 AM

Posted 25 August 2017 - 12:51 PM

Have you heard about this program: Cybereason Ransom Free? It is a military strength Anti-Ransomware program.

Back to top

BC AdBot (Login to Remove)

BleepingComputer.com
Register to remove ads

#2 34BLEEP00XX

Topic Starter

Members
272 posts
OFFLINE

Gender:Male
Location:Finland
Local time:10:17 AM

Posted 25 August 2017 - 12:53 PM

Question: I had a e-mail which saíd: Incoming voice-mail from unknown address. Was THAT also some sort of ransomware trick?

Back to top

#3 quietman7

Bleepin' Janitor

Global Moderator
51,613 posts
OFFLINE

Gender:Male
Location:Virginia, USA
Local time:03:17 AM

Posted 25 August 2017 - 05:48 PM

Cybereason Ransomfree is program similar to CryptoMonitor by Nathan Scott (which is no longer supported). Both were among the first to utilize trap files and folders...patterns of files and hidden virtual files that ransomware is attracted to. This feature is more commonly referred to as "Entrapment Protection".

I quote Nathan's explanation of Entrapment Protection from his now closed EasySync web site in this topic.

Entrapment Protection
Entrapment Protection lays numerous different types of traps all around your system that a Ransomware Infection cannot resist to touch. These traps send encrypted pattern signals back and forth between CryptoMonitor and themselves constantly. When a Ransomware Infection falls into one of these traps, the pattern is broken and CryptoMonitor immediately takes action. Once this happens, the machine is locked down and you are alerted about the infection and prompted for your decision on what actions to take. During this time, no file modifications are allowed, so your files are safe while you think about your course of action. With this protection enabled you may notice a few hidden files, registry keys, folders, and services running, but don't worry, they are there to protect you!

The use of trap files and folders is not a 100% solution...some data files typically will end up being encrypted by ransomware but whatever helps with prevention, I consider useful.

I keep a running list of ransomware prevention tools (Post #2) in this topic.

Crypto malware and other forms of ransomware spread via a variety of common vectors...opening a malicious or spam email attachment, executing a malcious file, web exploits, exploit kits, malvertising campaigns, non-malware (fileless) attacks:, drive-by downloads and RDP bruteforce attacks against servers especially by those involved with the development and spread of ransomware. Section in this topic explains in more detail the most common methods Crypto malware (file encrypting ransomware) and other forms of ransomware is typically delivered and spread.

.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015