Following up on the Beta 2 release of TEMASOFT Ranstop, featuring screen locker protection, our Research Lab Team staged a demo to assess the effectiveness of the new security feature.
For this exercise, we got hold of a Graftor screen locker variant to tested out the ability of Ranstop to detect and block screen lockers.
Screen lockers are malicious ransomware programs that prevent users from accessing their machine, by disabling the desktop, or the user interface of the operating system. After they infect a computer, a ransom note is displayed asking the users to pay to regain access to their computers. Most screen lockers do not encrypt files as typical ransomware does. So in the case of such an infection, the files can be recovered from the hard drive (if access to the desktop cannot be restored), using another machine. However, there are variants that along with locking the screen, encrypt files as well, making it harder or impossible to recover.
The Graftor screen locker ransomware variant is a simple executable that can be accidentally downloaded from malicious websites, or installed by adware or other malicious software. Upon execution, it disables Task Manager and suspends Windows Explorer while showing a ransom note. This situation makes it impossible for the user to access the computer and restore the user interface of the operating system.
TEMASOFT Ranstop detects and stops this variant in around 6 seconds, time in which the ransomware managed to deliver its functionality and display the ransom note. However, TEMASOFT Ranstop killed and quarantined the ransomware process, and then restored access to Task Manager. An incident is logged in the Ranstop Console. The user can use Task Manager to restore Windows Explorer, and everything is back to normal in under one minute.
Case Conclusion
TEMASOFT Ranstop managed to successfully block this screen locker variant and restore access to the machine in under one minute.
Click here to watch TEMASOFT Ranstop in action (video)!
TEMASOFT Ranstop is an anti-ransomware software that detects present and future ransomware, based on file access pattern analysis with a high degree of accuracy. At the same time, it protects user files so that they can be restored in case of malware attacks or accidental loss.
For more information, follow us on social media and subscribe to our newsletter.
This post was last modified on August 21, 2023 7:27 am
In the digital world, information is often stored and transferred through files. From the most…
Introduction Data security is more important than ever in today's fast-paced digital world. One critical…
Introduction: Cyber threats are a growing concern for businesses and individuals alike. With the increasing…
Microsoft Internet Information Services (IIS) is a popular web server that is widely used to…
File tracking is an important aspect of server administration, and it can help administrators detect…
File monitoring solutions are essential tools for administrators to manage and protect their organizations' data…