Jump to content

Just ran RanSim = Detection failed

Super_Spartan
 Share

Recommended Posts

itman

itman 1,659

Posted
Posted

As noted by your screen shot, appears all test files are located on OneDrive. As the author states for the test tool, it is used to verify your network protection against ransomware. I don't believe most conventional AV ransomware protection will protect against cloud storage encryption by ransomware.

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,070

Posted
  • Administrators
Posted

It's an innocuous application that doesn't tell anything about detection and protection capabilities of ESET products. They test behavior blocking without distinguishing between malicious and benign applications. However, ESET does not only monitor the system and processes for suspicious behavior, it also scans memory for malware-like code. This also enables ESET not to warn about benign applications. Needless to say that there are many ways how the encryption works so the simulator may theoretically help malware authors to avoid techniques used by the simulator.

In a nutshell, programs that pass the simulator tests may be more prone to encryption by ransomware than ESET.

Link to comment
Share on other sites
Super_Spartan

Super_Spartan 56

Posted
  • Author
Posted
5 hours ago, Marcos said:

It's an innocuous application that doesn't tell anything about detection and protection capabilities of ESET products. They test behavior blocking without distinguishing between malicious and benign applications. However, ESET does not only monitor the system and processes for suspicious behavior, it also scans memory for malware-like code. This also enables ESET not to warn about benign applications. Needless to say that there are many ways how the encryption works so the simulator may theoretically help malware authors to avoid techniques used by the simulator.

In a nutshell, programs that pass the simulator tests may be more prone to encryption by ransomware than ESET.

oh ok, thanks for the explanation sir

Link to comment
Share on other sites
itman

itman 1,659

Posted
Posted

I have following with puzzled amusement the discussion of this simulator on both wilders.com and malwaretips.com by otherwise knowledgeable individuals on the results of this simulator.

What this product and others like it test for is how well your security solution protects you after you have been infected by ransomware. The point that is missed in these discussions is that the primary purpose of using a security solution is to prevent the malware or in this case the ransomware from installing itself in the first place. Or to quote an old truism, " An ounce of prevention is worth a pound of cure."

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...