Boston-based cybersecurity company Cybereason has released a real-time ransomware detection and response program called RansomFree for consumers. The free software for Windows 7 to 10, the company claims, can spot most strains of ransomware before it starts encrypting files, alerting the user to take action.
RansomFree uses “behavioral and proprietary deception techniques” to detect ransomware strains in action. Users receive a pop-up notification when ransomware has been found on their computer and is trying to encrypt files. The user can then decide to take action.
“When ransomware is detected, RansomFree presents the user with a list of any files that may have been encrypted,” said Uri Sternfield, senior security researcher.
“RansomFree relies on the common denominator of all ransomware, no matter their distribution or method of operation — they all need to search for target files on the local drives and encrypt them. By anticipating these common patterns, RansomFree can bait ransomware to expose their intentions and accurately detect them before they are able to fully achieve their malicious goal.”
According to Uri, the software can detect 99 percent of all ransomware. However, ransomware is ever evolving, with new tricks to avoid detection and decryption. Sternfield added that RansomFree will be updated daily in an attempt to stay ahead in this arms race.
Despite its best efforts, Cybereason still recommends taking your computer to a professional after RansomFree has tried to clean things up to ensure no malware is still lingering.
“Pervasive ransomware variants have outsmarted traditional endpoint defenses, such as antivirus software, leaving individuals exposed to the real dangers of cybercrime,” said Sternfield.
2016 has been a bumper year for ransomware, with several infamous cases of businesses and individuals being forced to hand over thousands of dollars in bitcoin to get their encrypted files back. Research from IBM this month showed that 70 percent of infected businesses coughed up the money while Carbon Black, in its year-end report, said that ransomware was by far the fastest-growing malware in all industries.
As a result, several cybersecurity companies have been racing to release decryption tools for consumers. In July EU law enforcement agency Europol launched No More Ransom, a multilingual collaborative project with security firms that makes decryption tools freely available to consumers. Just last week, Bitdefender joined the project alongside Intel and Kaspersky Lab.
- Ransomware Popcorn Time removes itself once you infect your friends with it
- Locky and Cerber have become the dominant ransomware families
- Update: San Francisco MTA hacker allegedly hacked by a security researcher
- Windows 10 Anniversary Edition aims to knock down ransomware
- Government in Indiana pays up after ransomware stifles operations