Scared Of CryptoLocker? Install Malwarebytes' New Anti-Ransomware Software

If you're a computer professional, or even just the girl or guy that sits in front of a screen all day, then ransomware is one of the most annoying developments in your life over the last four or five years. Malware like CryptoLocker and CryptoWall can lock you out of your computer and its files entirely, until you pay up -- and it's hard to combat. Malwarebytes has a new piece of anti-ransomware software in beta that should stop your system from becoming infected.

Designed to be lightweight and simple, to run in the background and not to interfere with the operation of other anti-malware or anti-virus software, Malwarebytes' Anti-Ransomware beta detects and stops ransomware like CTBLocker and CryptoLocker in its tracks -- preventing it from ever encrypting any of your files. It grew out of the company's development of a product based on CryptoMonitor, an anti-crypto bundle from a company that Malwarebytes acquired.

It's extremely quick to install and start up, uses very little memory -- like Malwarebytes' other free, lightweight antivirus software -- and works in real time, giving you the peace of mind that your PC will be safe from marauding exploits and viruses hiding in the darkest corners of the 'net. It's still in beta, but Malwarebytes says that it'll already stop every major ransomware program and will likely work just as effectively on ransomware that hasn't even been released or written yet.

At the moment, it's a bit like a bear patrol or an anti-tiger rock -- how do you know it works unless you intentionally try to infect your system with some ransomware? -- but we're more than willing to trust Malwarebytes given its excellent track record with the free and effective Anti-Malware platform and other standalone software like Anti-Exploit.

Here's an excerpt of Malwarebytes' post:

Ransomware is easy to understand but hard to beat. It infects the machine, encrypts all files and then demands payment to get the files back. Ransomware works so well that most variants will even remove themselves when the damage is done, knowing you have the choice of either paying the ransomware author to get your files back, or risk losing them forever. 
The ransomware we see today is so sophisticated that the advanced encryption it uses makes it impossible to get your files back without paying the ransom. Even using backup systems isn’t an effective countermeasure because ransomware would actively look for different types of backup systems and encrypt them, too. 
Most of today’s security software simply cannot protect you from ransomware. Ransomware does not act like traditional malware: some are automatically updated every day, and even use polymorphic (shapeshifting!) code to evade detection. This makes it exceedingly hard to detect. 
This is the type of challenge we love. When ransomware hit the headlines, we immediately started looking for a long-term answer.

[MalwareBytes Unpacked / YouTube]



    Does ransomware come from dodgy emails or dodgy websites?

      There are a bunch of different infection vectors -- in Australia, they're mostly from dodgy emails (CryptoLocker 2.0 was largely spread through fraudulent AusPost delivery notifications)

    Yep, the scariest bit is the way these things seek and encrypt backup files they find.
    Just as vendors were telling us offline backups were becoming a thing of the past, they find a new niche - ain't no way a cryptolocker can encrypt files that are on physical media in a safe in another building.

    If you are a computer professional, surely you keep regular backups and image your (healthy) PC often enough that you can laugh off ransomware as a bad joke?

    I don't care how small the business is, 2TB hard drives are now so cheap (under $100) that literally anyone can have at least one offline backup and maybe something in the cloud too.

    Prevention is always better than cure however, so if this new product from Malwarebytes is priced reasonably, I'm sure it will sell.

    Last edited 28/01/16 3:21 pm

      Some sit in stealth mode for months, so your backups are affected too. At that point having an offline backup is worthless.

        You're a guest so you'll never read this but:

        Wouldn't that be negated by using a clean system to access the backups? If the files (documents, videos, pictures, etc) can be accessed by another system, then they are not encrypted, and therefore it would be impossible for stealth malware to encrypt them without the executable running on an infected system or BIOS?

    I've had this happen to me; though thankfully at the time the only place I was keeping documents was in my Dropbox. I only noticed because I saw that my Dropbox had updated every single file at once. I was then able to clear my computer of the malware and revert the Dropbox files using their cloud backup feature... if the backup had been sitting locally, I'd likely have been screwed. I noticed it didn't encrypt any program files, only documents etc.

    Some users are reporting that this app produces loads of false positives... such as Google Chrome! Best not install a beta on a production machine, just as Malwarebytes warns in their blog.

    Will this protect Windows against the Reveton Malware?

