
A fighting chance against ransomware

CryptoDrop is a ransomware-killer

It’s official: whether your operating system of choice is Windows or Mac OS X, your computer is a potential ransomware target. The good news is that the emphasis on downloading apps from either the Windows Store or the Mac App Store, together with the increased security features included in Windows 10 and the upcoming macOS Sierra, offers some insulation from the chance of bumping into ransomware-laced malware. However, a large number of users still rely on older and far more vulnerable operating systems, including Windows XP, or OS X Mountain Lion, typically running on older MacBooks.

With that said, obscure third-party software is only one side of the coin: an increasingly preferred method of ransomware infection is through email attachments, or emails containing URLs to malware-filled websites.

Whether it is one click after opening the wrong email attachment, or after installing an innocuous-looking file converter utility, once ransomware is loose in your system, there is nothing you can do aside from counting down till all your files are encrypted, and gone forever, unless a hefty price is paid.

Fighting back

This is a bleak scenario, but according to a team of researchers from the University of Florida, led by doctoral student Nolen Scaife, ransomware may be living on borrowed time, thanks to CryptoDrop. This new ransomware countermeasure is allegedly capable of detecting 100% of ransomware programs used during lab tests. CryptoDrop won’t be able to decrypt any files encrypted by ransomware programs; however, it will stop ransomware from carrying out its purpose, with a maximum average of ten lost files.

The great thing about CryptoDrop is that it doesn’t need updates to detect new ransomware, as it works by monitoring existing programs and detecting any changes in their behavior. If an application veers off from what it’s supposed to do, CryptoDrop will detect that, and kill that application in its tracks.

The working principle of CryptoDrop is somewhat reminiscent of Microsoft User Account Control, by which the system will react if a system-specific action is carried out, except that CryptoDrop does not restrict itself to the operating system, as it comprehensively watches all applications and scans them for odd behaviors.
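A minimal sketch of behavior-based detection as described above, added here as an illustration and not CryptoDrop's own code: the article does not list the indicators CryptoDrop uses, so the entropy-jump indicator, the thresholds, the `BehaviourMonitor` class and the sample data are all assumptions. It shows why a few files are lost before the offending process is flagged, and why a single odd rewrite by a benign program is not enough to trigger it.

```python
import hashlib
import math
from collections import Counter, defaultdict

ENTROPY_JUMP = 2.0    # assumed: rise in bits/byte that marks a rewrite as suspicious
FILE_THRESHOLD = 3    # assumed: suspicious rewrites tolerated before flagging a process
TEXT = b"Quarterly report: revenue, costs and notes. " * 40   # constructed document

def noise(seed: int) -> bytes:
    """Constructed stand-in for encrypted output: 2048 deterministic high-entropy bytes."""
    return b"".join(hashlib.sha256(bytes([seed, i])).digest() for i in range(64))

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

class BehaviourMonitor:
    def __init__(self, threshold=FILE_THRESHOLD, jump=ENTROPY_JUMP):
        self.threshold, self.jump = threshold, jump
        self.suspicious = defaultdict(set)   # pid -> paths rewritten suspiciously
        self.flagged = set()                 # pids a real monitor would terminate

    def on_write(self, pid, path, before: bytes, after: bytes) -> bool:
        """Record one file rewrite; return True if the process is (now) flagged."""
        if pid in self.flagged:
            return True                      # further writes would be blocked
        if entropy(after) - entropy(before) >= self.jump:
            self.suspicious[pid].add(path)
        if len(self.suspicious[pid]) >= self.threshold:
            self.flagged.add(pid)
        return pid in self.flagged

    def files_lost(self, pid) -> int:
        """Files the process transformed before (or without) being flagged."""
        return len(self.suspicious[pid])

def demo():
    mon = BehaviourMonitor()
    mon.on_write(100, "notes.txt", TEXT, TEXT + b"One more line.\n")  # editor save
    mon.on_write(200, "backup.txt", TEXT, noise(0))                   # one-off archiver
    verdicts = [mon.on_write(300, f"doc{i}.txt", TEXT, noise(i)) for i in range(5)]
    return mon, verdicts

if __name__ == "__main__":
    mon, verdicts = demo()
    print(verdicts, sorted(mon.flagged), mon.files_lost(300))
```

Lowering `FILE_THRESHOLD` reduces the number of files lost but makes benign tools that compress or encrypt a file more likely to be flagged.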

The team behind CryptoDrop already has a functioning prototype, and is currently seeking investors for mass deployment, which should not be too difficult as this ransomware-killer is designed to play nice with existing antivirus software.
