Given the choice between a confirmation pop up every time you zip numerous files simultaneously or add encryption to a folder or being infected with ransomware; which would you choose? Researchers at the University of Florida and Villanova University have developed software called CryptoLock which scans your systems for bulk modification of file types, a significant change in the contents of those files and an increase in the Shannon Entropy of the files. All three of those indicate a file is being encrypted and if it is happening to numerous ones in a very short period of time then the software will put a halt to it until you confirm that this is expected behaviour. You get a quick overview over at The Register as well as a link to the PDF of the researchers work.
Sounds like a pop up we can live with, considering the alternative. Hopefully this will arrive on the market soon.
"Taking a “save what you can” approach, the authors of this PDF reckon in their tests they were able to lower the boom on ransomware when it had encrypted just 0.2 per cent of files on their test setup."
Here is some more Tech News from around the web:
- Patch Tuesday: Microsoft and Adobe push out more fixes than a tube of glue @ The Inquirer
- Vulnerability Exploitable Via Printer Protocols Affects All Windows Versions @ Slashdot
- Windows Server-as-a-service: Microsoft lays out Server 2016's future @ The Register
- Microsoft responds to 'neglected' Linux users with new Skype client @ The Inquirer
- Spotify, YouTube pay musicians with ever-shrinking buttons @ The Register
- TP-LINK Neffos C5 Max Smartphone Revealed @ TechARP
Is it CryptoLock or
Is it CryptoLock or CryptoDrop? Because CryptoLock is a known trojan.
There is a reason I had
There is a reason I had CryptoLocker on the brain and was excited to see this … good catch, I put in the right name.
…another one: “
…another one: ” …University have developed software called CryptoLock which…”
I jumped to download it as my firm had some issues a year ago with a crypto ransomware bugger, but it’s not available yet. Can’t wait.
Why not just back up your
Why not just back up your stuff which you should do anyway, Worst case scenario you format hard drive and reinstall.
At home that’s fine. At work
At home that’s fine. At work it means a lot of downtime while you format or factory reset everything and recover from backup.
It’s the same thing like with a regular virus: you would want to make it harder for the bugger to get loose on your network and until now, I don’t think I’ve seen any research results in this field.
Restoring ~1TB of server from
Restoring ~1TB of server from TAPE! Formatting a HDD is the best case scenario.