justincase 0 Posted November 26, 2015 Share Posted November 26, 2015 We have ESET File Security running on a few Windows 2008/2012 file servers. Let's say an unprotected PC on the network become infected with Cryptolocker or a crypto variant. Would ESET file security catch or stop the real time encryption of the files on the server or does this go undetected? Does any one have any expeirence with such scenario or any documentation to support this? Thanks. -Justin Link to comment Share on other sites More sharing options...
ESET Moderators Solution TomasP 311 Posted November 27, 2015 ESET Moderators Solution Share Posted November 27, 2015 Hello, In case of shared documents stored on the server, there would be no infected payload transferred to the server itself, the encryption would be executed on the unprotected PC, thus the malware would not reach any system with a security software that could stop it. From the server's point of view, it is simply a read access to the file and then a write access to change its content, thus a seemingly legitimate operation any PC performs thousands of times per day. That is why it is very important to have a security solution on the whole network, not just on a part of it. Regards, T. Link to comment Share on other sites More sharing options...
haronaroum 0 Posted December 3, 2015 Share Posted December 3, 2015 (edited) Even if you don’t care much about what happens on Internet world every day, you should hear about this name: CryptoWall once in your life when you read news online, or at least you know what ransomware is. Ransomware is primarily a type of malware that have been used by vicious cyber hackers as a accustomed tool to extort money from victims by unexpectedly encrypting all data that saved on their systems and demanding a ransom in return for the private key to decode their data. CryptoWall is one of the members of Ransomware family and its 4th generation was just released recently. The previous version just released in January this year. Far from being hit and limited, it seems that this ransomware has been running wild without restraint in a relatively fast speed so that the malware developers are able to develop a successor within a year. Edited December 3, 2015 by Marcos URL to a fishy website removed Link to comment Share on other sites More sharing options...
Recommended Posts