Author Topic: Avast completetly ignoring Teslacrypt.  (Read 16052 times)

0 Members and 1 Guest are viewing this topic.

Offline Lotan

  • Sr. Member
  • ****
  • Posts: 289
Re: Avast completetly ignoring Teslacrypt.
« Reply #15 on: February 15, 2016, 11:37:05 AM »
thanks so its all in the registries then. I just hope it doesnt affect anything legit i try and install at later dates

REDACTED

  • Guest
Re: Avast completetly ignoring Teslacrypt.
« Reply #16 on: February 15, 2016, 12:15:20 PM »
Imho Avast should implement some specific kind of cryptoware prevention as Bitdefender did in their latest version. Recently I'm seeing too many samples of this kind of malware missed by Avast. It is true you can install something like cryptoprevent, but however Avast should offer better protection by itself.

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48524
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Avast completetly ignoring Teslacrypt.
« Reply #17 on: February 15, 2016, 12:46:43 PM »
Imho Avast should implement some specific kind of cryptoware prevention as Bitdefender did in their latest version. Recently I'm seeing too many samples of this kind of malware missed by Avast. It is true you can install something like cryptoprevent, but however Avast should offer better protection by itself.
You seem to forget that the infection or Malware always comes first and protection comes second. It's always a catch up game.
The first part of staying safe starts with your own ability not to click on every link you see. That may be a bit blunt but, most people are their own worst enemies.
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

REDACTED

  • Guest
Re: Avast completetly ignoring Teslacrypt.
« Reply #18 on: February 15, 2016, 01:01:16 PM »
I totally agree with you, but why Avast can't implement a defence mechanism like cryptoprevent or bitdefender cryptowall immunizer? It shouldn't be so hard...

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48524
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Avast completetly ignoring Teslacrypt.
« Reply #19 on: February 15, 2016, 01:04:09 PM »
No arguments. I agree but,that's a question for Avast to answer. :)
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: Avast completetly ignoring Teslacrypt.
« Reply #20 on: February 15, 2016, 01:17:32 PM »
Quote
It shouldn't be so hard...
If it wouldn't be so hard, every av vendor (and others) would already have created the perfect protection against it.

The largest problem is that users don't know nor bother to learn how to handle a computer (hardware/software) even near decent when it comes to security.
I would be very rich in a real short time if e.g. everyone who is using a account with administrator rights while there is no need for it give me $0,01 each time they do so.

Offline Milos

  • Avast team
  • Super Poster
  • *
  • Posts: 2293
Re: Avast completetly ignoring Teslacrypt.
« Reply #21 on: February 15, 2016, 01:41:06 PM »
Hello,
yes, we have some ideas. They are waiting for implementation and testing.

Milos

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48524
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Avast completetly ignoring Teslacrypt.
« Reply #22 on: February 15, 2016, 01:42:39 PM »
Hello,
yes, we have some ideas. They are waiting for implementation and testing.

Milos
Thanks for the reply.
(Buying FoolishIT would make it quicker. :) )
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

REDACTED

  • Guest
Re: Avast completetly ignoring Teslacrypt.
« Reply #23 on: February 15, 2016, 01:57:40 PM »
Hello,
yes, we have some ideas. They are waiting for implementation and testing.

Milos

Thank you! This is a good news.

REDACTED

  • Guest
Re: Avast completetly ignoring Teslacrypt.
« Reply #24 on: February 25, 2016, 08:43:39 PM »
Just out of curiosity - shouldn't Deepscreen pickup any ransomware?  With the ransomware starts, Avast should Deepscreen it and watch what it's doing to the virtual environment.  Once it sees cryptography going on, it warns the user that it may be unsafe - the user can then terminate it.

Or am I off base on that?

Offline Milos

  • Avast team
  • Super Poster
  • *
  • Posts: 2293
Re: Avast completetly ignoring Teslacrypt.
« Reply #25 on: February 26, 2016, 07:56:09 AM »
Hello,
yes it should, but not every ransomware encrypt files immediately after execution.

Milos

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: Avast completetly ignoring Teslacrypt.
« Reply #26 on: February 26, 2016, 10:55:43 AM »
In addition to what Milos said.

No mather what part of avast is used to detect the encryption malware,
there is also the "problem" that it shouldn't react on legitimate encryption tools like (e.g.) GNU privacy Guard and 7zip

REDACTED

  • Guest
Re: Avast completetly ignoring Teslacrypt.
« Reply #27 on: February 26, 2016, 11:35:20 AM »
I can confirm that.
Avast completely ignored Teslacrypt and other Ransomware. For last two months I have four confirmed cases with different clients running AVAST PRO. The last one is from yesterday. Not detected Teslacrypt 3, even after files being encrypted with extension mp3. All info is gone !!!

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: Avast completetly ignoring Teslacrypt.
« Reply #28 on: February 26, 2016, 11:40:26 AM »
You are wrong.
avast doesn't completely ignore encryption malware.
It can and will detect certain versions of it as has already been told.

Sure there is always room for better detection and as Milos said, avast is already working on it.

Offline PureITy

  • Jr. Member
  • **
  • Posts: 22
  • I'm a llama!
Re: Avast completetly ignoring Teslacrypt.
« Reply #29 on: March 03, 2016, 08:08:47 PM »
We had a customer yesterday where Avast Endpoint Protection Suit Plus, failed to detect TeslaCrypt, thus infecting one PC and encrypting all data stored on the company's server shared data. Thank god there was a backup!

Why did this malware not get detected?