Author Topic: RansomFree (Read 7038 times)

Lisandro · « **on:** February 03, 2017, 03:10:49 PM »

RejZoR suggested RansomFree (https://www.cybereason.com/) side-by-side with Avast.
I'm a bit affraid about a program without any setting or interface... What is it really doing?
What is the "fileless ransomware"?

"RansomFree is a behavioral anti-ransomware tool for detecting and stopping never-before-seen ransomware. RansomFree protects against local encryption, the encryption of files on network or shared drives, and catches stand-alone ransomware programs as well as fileless ransomware."

Is the "behavioral ... detection of encryption" the feature that Avast team was trying to add to Avast 2017 later this year?
Remember when they talked about it in Prague?

RejZoR · « **Reply #1 on:** February 03, 2017, 09:02:15 PM »

In a nutshell, yes, that's what avast! team has been working on for a while. Honeypot and behavior based ransomware detection, as well as generic whitelist based protection of user data folders.

RansomFree is not bad. I mean, it's free so you can't really go wrong. And even though it has virtually no interface, it doesn't really need one to be honest. It's just there and it works. It'll be a bit redundant when avast! gets all the anti-ransomware goodies, but until then, why not. Though, release of Behavior Shield will be a huge asset for avast! already.

CraigB · « **Reply #2 on:** February 04, 2017, 05:43:23 AM »

I've been following some of the cybereason topics and not sure if I'm comfortable with the "Honeypot" files placed everywhere throughout the system $:-\$ are they cleanly removed after removing the cybereason program $:-\$

I also use WinAntiRansom which works extremely well though can be a little annoying at times because it acts more like an anti exe so best off disabling before updating your known programs, it's very lite and it uninstalls cleanly.

REDACTED · « **Reply #3 on:** February 04, 2017, 02:54:09 PM »

https://www.wilderssecurity.com/threads/ransomfree-by-cybereason.390786/

Pondus · « **Reply #4 on:** February 04, 2017, 03:12:18 PM »

avast should get a similar intigrated ransomware protection as TrendMicro

https://esupport.trendmicro.com/en-us/home/pages/technical-support/1099580.aspx?vwd=MalwareTopics-_-prd=gen-_-src=HHOLanding-_-loc=Default

https://esupport.trendmicro.com/en-us/home/pages/technical-support/maximum-security-2017/1114795.aspx?vwd=KB-_-prd=gen-_-src=KB1099580-_-loc=Default

Lisandro · « **Reply #5 on:** February 07, 2017, 02:01:32 PM »

The major drawback:

Quote

The downside is that RansomFree needs a short amount of time to detect the start of the encryption operations. This means that a few of your files will be encrypted before RansomFree detects anything wrong.

https://www.bleepingcomputer.com/news/security/ransomfree-is-the-latest-app-that-tries-to-stop-ransomware-infections-on-windows/

Seems scaring

Does RejZoR tested it?

RejZoR · « **Reply #6 on:** February 10, 2017, 03:39:49 PM »

You can watch my test of Cybereason RansomFree 2.1 here:
https://www.youtube.com/watch?v=8irjdt0okg8

Back when I was testing it, it was still vulnerable to some strains as shown in video. Those have been fixed since.

Author Topic: RansomFree (Read 7038 times)

Lisandro

RansomFree

RejZoR

Re: RansomFree

CraigB

Re: RansomFree

REDACTED

Re: RansomFree

Pondus

Re: RansomFree

Lisandro

Re: RansomFree

RejZoR

Re: RansomFree