Super_Spartan 56 Posted December 26, 2016 Share Posted December 26, 2016 (edited) Kinda disappointed, NOD32 didn't detect anything in this ransomware simulator.... Edited December 27, 2016 by Marcos Link removed Link to comment Share on other sites More sharing options...
itman 1,630 Posted December 27, 2016 Share Posted December 27, 2016 As noted by your screen shot, appears all test files are located on OneDrive. As the author states for the test tool, it is used to verify your network protection against ransomware. I don't believe most conventional AV ransomware protection will protect against cloud storage encryption by ransomware. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,935 Posted December 27, 2016 Administrators Share Posted December 27, 2016 It's an innocuous application that doesn't tell anything about detection and protection capabilities of ESET products. They test behavior blocking without distinguishing between malicious and benign applications. However, ESET does not only monitor the system and processes for suspicious behavior, it also scans memory for malware-like code. This also enables ESET not to warn about benign applications. Needless to say that there are many ways how the encryption works so the simulator may theoretically help malware authors to avoid techniques used by the simulator. In a nutshell, programs that pass the simulator tests may be more prone to encryption by ransomware than ESET. Link to comment Share on other sites More sharing options...
Super_Spartan 56 Posted December 27, 2016 Author Share Posted December 27, 2016 5 hours ago, Marcos said: It's an innocuous application that doesn't tell anything about detection and protection capabilities of ESET products. They test behavior blocking without distinguishing between malicious and benign applications. However, ESET does not only monitor the system and processes for suspicious behavior, it also scans memory for malware-like code. This also enables ESET not to warn about benign applications. Needless to say that there are many ways how the encryption works so the simulator may theoretically help malware authors to avoid techniques used by the simulator. In a nutshell, programs that pass the simulator tests may be more prone to encryption by ransomware than ESET. oh ok, thanks for the explanation sir Link to comment Share on other sites More sharing options...
itman 1,630 Posted January 1, 2017 Share Posted January 1, 2017 I have following with puzzled amusement the discussion of this simulator on both wilders.com and malwaretips.com by otherwise knowledgeable individuals on the results of this simulator. What this product and others like it test for is how well your security solution protects you after you have been infected by ransomware. The point that is missed in these discussions is that the primary purpose of using a security solution is to prevent the malware or in this case the ransomware from installing itself in the first place. Or to quote an old truism, " An ounce of prevention is worth a pound of cure." Link to comment Share on other sites More sharing options...
Recommended Posts