It's better to prevent than to pay the ransom

Mar 28, 2016 17:35 GMT  ·  By
Bitdefender releases anti-ransomware vaccine for Locky, CTB-Locker, and TeslaCrypt
4 photos
   Bitdefender releases anti-ransomware vaccine for Locky, CTB-Locker, and TeslaCrypt

Romanian security vendor Bitdefender has updated its vaunted anti-ransomware vaccine to add support for the latest versions of the CTB-Locker, Locky and TeslaCrypt ransomware families currently ravaging users all over the globe.

The Bitdefender Anti-Ransomware toolkit has been around for some years now, ever since crypto-ransomware started to become popular and users understood that, once locked, recovering the files was almost impossible without paying the crook's ransom fee.

Luck also plays a role if the ransomware contains encryption flaws that allow security researchers such as Fabian Wosar to create decryptors for various variants. But these situations are very rare and often found in smaller, newly appeared ransomware families, not older tried and tested variants.

An anti-Locky vaccine is needed these days

As your doctor always tells you, it's better to prevent than to cure. So to help users stay safe against ransomware threats, Bitdefender has now added a much-needed update to its anti-ransomware toolkit, which until now has included support only for the CryptoWall and CryptoLocker families.

The most recent version, 1.0.11.26, includes additional support for CTB-Locker, Locky and TeslaCrypt.

While CTB-Locker seems to be dormant these days, Locky has just appeared on the ransomware scene. On the other hand, TeslaCrypt has seen a resurgence these past weeks. In fact, CryptoWall, Locky, and TeslaCrypt, in this order, are considered today's top 3 most popular ransomware families.

Research in cracking crypto-ransomware needs to continue

"The new tool is an outgrowth of the Cryptowall vaccine program, in a way," Chief Security Strategist Catalin Cosoi explained. "We had been looking at ways to prevent this ransomware from encrypting files even on computers that were not protected by [the] Bitdefender antivirus and we realized we could extend the idea."

Last week, security researcher Sylvain Sarméjeanne was exploring scenarios in which he could abuse bugs in the Locky ransomware to create a vaccine against the threat.

His work never materialized into a concrete vaccine, but let's face it, he doesn't have the resources Bitdefender does, a company whose product, alongside Kaspersky’s, is widely considered the best antivirus solution around.

Also last week, we had a small interview with Sean Williams, the creator of Cryptostalker, a tool to detect crypto-ransomware on Linux systems. The tool is still in its early stages of development, and Mr. Williams also wants to port it to Windows and Mac.

Bitdefender Anti-Ransomware application
Bitdefender Anti-Ransomware application

Bitdefender Anti-Ransomware (4 Images)

Bitdefender releases anti-ransomware vaccine for Locky, CTB-Locker, and TeslaCrypt
Bitdefender Anti-Ransomware applicationBitdefender Anti-Ransomware application
+1more