Bitdefender Anti-Ransomware aims to help you keep your data safe by protecting you and your computer against the ransomware.
It is a new vaccine tool which can protect against known and possible future versions of the CTB-Locker, Locky and TeslaCrypt crypto ransomware families. No complicated configuration is required to have it up and running.
Bitdefender Anti-Ransomware monitors your PC in real time and automatically blocks ransomware actions. It can be launched with Windows and set to run minimized in the system tray, safeguarding your computer without interfering with your work.
Aside from real-time anti-ransomware protection, this application integrates an immunization technique that prevents executables from the 'AppData' and 'Startup' folders to launch.
Local files are encrypted using a randomly generated 2048-bit RSA key pair that’s associated with the infected computer. While the public key is copied on the infected computer, the private key can only be obtained by paying for it within an allocated amount of time. If the payment is not delivered, the private key is threatened to be deleted, leaving no possible unencrypting method for recovering the locked files.
One of the most common infection vectors relies on drive-by-attacks through infected ads on legitimate websites, but it has also been known to infect via infected downloaded apps.
Bitdefender Anti-Ransomware Features:
- Use an antivirus solution that is constantly updated and able to perform active scanning
- Schedule file backups (either locally on in the cloud), so data can be recovered in case of corruption
- Follow safe internet practices by not visiting questionable websites, not clicking links or opening attachments in emails from uncertain sources, and not providing personally identifiable information on public chats rooms or forums
- Implement / enable ad-blocking capacities and anti-spam filters
- Virtualize or completely disable Flash, as it has been repeatedly used as an infection vector
- Train employees in identifying social engineering attempts and spear-phishing emails
- Enable software restriction policies. System administrators need to enforce group policy objects into the registry to block executables from specific locations. This can only be achieved when running a Windows Professional or Windows Server edition.