Posts

Ranstop anti-ransomware protects against Lukitus variant of Locky

Test subject – Loky Lukitus ransomware The Lukitus Loki variant is part of a new campaign following the “diablo” variant and is distributed via email campaigns containing malicious scripts either as office files or zip archives. One interesting feature of this variant, similar to the CryptoWall functionality, is that of scrambling files to make recovery even more difficult. […]

Cerber ransomware evolves to steal passwords and Bitcoin wallets

Cerber made the headlines again, this time with the latest variant as it brings new functions to the table. Some experts say that the evolution of ransomware is towards developing worm-like capabilities, like NotPetya and WannaCry, but this new Cerber variant shows another development direction: that of adapting ransomware to perform data exfiltration as well. […]

What is anti-ransomware

Anti-ransomware is a technology created to protect user data, in response to the ransomware phenomenon, a major concern and one of the biggest threats to cyber security nowadays. However, it is a rather new type of threat as major ransomware attacks started over three years ago, and it took some time until the community recognized […]

Ranstop protects against a GlobeImposter variant (.725)

Test subject – GlobeImposter ransomware This GlobeImposter ransomware is delivered as a java script via email campaigns and bypasses classic antivirus detection technologies. It has been maintaining a very low detection rate on Virustotal.com for several days. At the time of our live test, this variant was a top contributor to the latest ransomware incidents, according to the Bleeping […]

Ransomware detection – Targeted vs. random attacks

When it comes to ransomware detection, targeted ransomware attacks are very difficult to identify through classic anti-virus technology. Although such attacks are less frequent than their random, mass, counterparts, they are far more devastating and expensive mainly because they have a higher chance of succeeding in encrypting the files. Let’s look at some important differences […]

Ranstop protects against PowerShell ransomware – TEMASOFT Lab Demo

Test subject – PowerShell ransomware This PowerShell ransomware variant is particularly dangerous because it bypasses conventional anti-malware tools and renders files unusable. It uses a legitimate process to run the file encryption, eluding application control, heuristics and sandbox detection techniques. At the time of the test, less than a quarter of the solutions (according to […]

Ranstop protects against Oxar ransomware, a HiddenTear variant – TEMASOFT Lab Demo

Test subject – Oxar, a HiddenTear variant Oxar is a HiddenTear variant with a highly destructive potential. It features anti-debugging characteristics like protected memory zones, as well as environmental awareness to identify Sandobx environments. The ransomware encrypts user data into new files with the “.OXR” extension, and then removes the original. It demands a Bitcoin […]

How can anti-ransomware software support your disaster recovery plan?

Anti-ransomware software supports your disaster recovery plan and protects files and backups and so it is a great addition to your strategy. Disaster recovery plans are being developed to ensure business continuity in case of incidents that affect systems and data. All such projects include solutions that perform regular backups of important files, in various […]

Ransomware protection: why are dedicated anti-ransomware products better than classic antivirus solutions?

Lately, there is a lot of disagreement related to why people who have various types of antivirus solutions in place, still get infected by ransomware. Experts’ opinions on the matter vary, some say antivirus is obsolete and should evolve into something else, like ransom antivirus, while others advocate for multi-layered ransomware protection strategies that include several […]