Ransomware: a type of malware that restricts access to the infected computer system in some way, often by encrypting data, and demands that the user pay a ransom to the malware operators to remove the restriction ~ Wikipedia
While malware and cybercrime are on the increase in general, the consensus among security experts is that Ransomware in particular is fast becoming one of the most dominant threats. No surprise then, that the well respected security firm Malwarebytes’ latest offering is a software dedicated to preventing ransomware infections.
News of Malwarebytes latest release is all over the net. However, before you rush off and install Malwarebytes Anti-Ransomware Beta here is some important information you need to be aware of:
Malwarebytes Anti-Ransomware Beta Facts
- False Positives: Malwarebytes Anti-Ransomware is still in early Beta stage and, while the security company claims that during testing the software has prevented all types of known ransomware infections to date, there are many user reports of serious issues following the blocking of legitimate programs.
- Free or Not: The Beta version is available for free during the software’s initial testing period. However, once the software has matured to the point of general release it will become a Premium (commercial) product.
- Standalone or Integrated: According to a post on the Malwarebytes Forum, the final version of Malwarebytes Anti-Ransomware will not be available as a standalone product but will instead be “rolled into existing products“. One assumes that means it will eventually be integrated into Malwarebytes Anti-Malware.
Bottom Line: Unless you are an advanced user with the confidence and know-how to deal with potentially serious issues, it would be ill advised to install this software at this stage.
In light of the increasing threat posed by Ransomware, a number of security companies have released free software dedicated to preventing this type of infection. However, the majority of the free offerings are limited to protecting against one or possibly two of the most prevalent types of ransomware and do not protect against all variants. For example; as the name suggests, Bitdefender’s CryptoWall Vaccine protects against the CryptoWall ransomware only.
That said, the one free product I would recommend is CryptoPrevent. I reviewed CryptoPrevent back in 2013, not long after its initial release. However, the software has matured considerably since then. This from the developer: “CryptoPrevent was originally designed to prevent infection from the CryptoLocker threat which emerged in late 2013. Since that time, CryptoPrevent has grown into a robust solution, providing protection against a wide range of ransomware and other malware“.
Following a fairly exhaustive search, I came across only one product which the developer pretty much guarantees will protect against all types of ransomware. That’s not to say there aren’t more out there, but HitmanPro.Alert was the only one I could find.
The exclusive Risk Reduction features of HitmanPro.Alert includes behavior-based protection against high-impact crypto-ransomware, a prolific threat that slips by web filters and antivirus defenses every day. The signature-less operation of HitmanPro.Alert’s CryptoGuard technology universally prevents spontaneous encryption of data by cryptolockers.
Unfortunately, HitmanPro.Alert is not free and will set you back $24.95 per annum.
One of our readers has kindly reminded me about “WinAntiRansom” via the comments. This premium anti-ransomware product comes from the same stable as WinPatrol and includes total protection at a very reasonable price (a review is on the way). Many thanks to Ed.
Antivirus & Anti-Ransomware
Reading about all this got me to thinking about antivirus solutions and whether or not they include protection against ransomware infections. I think it’s pretty safe to assume that free antivirus solutions do not. However, there doesn’t appear to be a definitive list of commercial antivirus products which include this type of protection. So I set about thoroughly searching through the sites of a number of leading antivirus vendors looking for any mention of ransomware protection, and this is what I came with with:
- Avast Internet Security & Premier – YES
- Bitdefender Total Security – YES
- Bullguard Internet Security & Premium – YES
- McAfee range of products – YES
- Trend Micro range of products – YES
- AVG Pro – NO
- Avira Internet Security & Antivirus Pro – NO
- Bullguard Antivirus – NO
- ESET NOD32 & Smart Security – NO
- F-Secure Antivirus & Internet Security – NO
- Kaspersky range of products – NO
- Norton range of products – NO
- Panda Antivirus Pro & Internet Security – NO
IMPORTANT NOTE: Just because ransomware protection is not specifically mentioned by a vendor doesn’t necessary mean it is not included. However, considering how critical this type of protection has become, I think it’s fair to assume that no mention more than likely means no protection.
One of the most prominent security threats is something which is completely unpatchable, the human element! Most if not all ransomware requires some sort of user interaction to deliver its payload – e.g. clicking on a malicious link or popup ad, or opening a malicious attachment. As we’ve re-iterated many times here at DCT; common sense, vigilance, and caution constitute your best defenses.