A New Weapon Against Ransomware
Malwarebytes, maker of the venerable MBAM security software, has released a beta version of a new tool that guards against all known variants of ransomware, the company announced on January 25. Malwarebytes Anti-Ransomware uses behavioral analysis to detect and block malware that attempts to encrypt a user’s data and extort a ransom payment.
MBAM Joins the Anti-Ransomware Battle
Ransomware is a rapidly evolving breed of malware that scrambles a user's data and demands payment. Examples include CryptoWall4, CryptoLocker, Tesla, and CTB-Locker. There are variants of each of these, and bad guys are constantly revising, improving, and disguising their wares. Traditional signature-based virus detection cannot keep up with new signature variations. Thus, Malwarebytes Anti-Ransomware (A/R) focuses on what a program does rather than what it looks like.
Victims of ransomware generally don’t know their data has been encrypted until a popup screen informs them. The message tells the victim that a ransom must be paid in exchange for the key that unlocks the data. Sometimes, the blackmailers want payment in untraceable Bitcoins, but they may also demand a wire transfer or prepaid debit card. Ransom amounts are usually $500 or more.
Malwarebytes A/R constantly monitors the activities of all running programs, looking for behaviors typical of ransomware attacks. When a given program exhibits enough signs of ransomware behavior, Malwarebytes A/R blocks the program’s actions and quarantines it before it has a chance to encrypt any files.
“During development, Malwarebytes Anti-Ransomware has blocked every single ransomware variant we have thrown at it,” the developers said in an announcement. “We are extremely satisfied with its results and are excited to bring this technology to our user community for further testing.”
Since this is the first beta (public test) version, it should not be installed on a mission-critical computer. There may be bugs in this early release, but if you want to give Malwarebytes A/R a try, you can download the Windows version from this MBAM blog page. It’s free of charge in the beta version.
What Happens After the Beta?
When Malwarebytes A/R passes beta testing, it will be not be a standalone product. It will probably end up in the paid version of the company’s security software. This is just an educated guess based on the fact that the free version of MBAM does not include the real-time behavior monitoring protection of paid versions. Currently, the Premium version of Malwarebytes Anti-Malware costs only $24.95 per year, a bargain among top-tier antimalware suites.
Ransomware is commonly distributed via compromised websites and exploit kits. But ransomware is now showing up in malvertizing - random ads infected with malware that may pop up on any site you visit. Some ransomware targets gamers; other breeds go after businesses and government agencies (including several police departments); but ransomware can also hit random home computer users.
Anti-ransomware features in security software are nice to have, but the best protection against this threat is frequent backup of all your critical data. You don’t need to pay ransom or protection money if you have a current backup; just wipe the infected machine clean and restore all but the most recent data.
Your thoughts on this topic are welcome. Post your comment or question below...
This article was posted by Bob Rankin on 29 Jan 2016
|For Fun: Buy Bob a Snickers.|
Geekly Update - 27 January 2016
The Top Twenty
ASCII Art - An Enduring Internet Treasure
There's more reader feedback... See all 21 comments for this article.
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005
- Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- A New Weapon Against Ransomware (Posted: 29 Jan 2016)
Copyright © 2005 - Bob Rankin - All Rights Reserved