Ransomware වලින් බේරෙන්න Free Tool එකක්

Sam Walton

Well-known member
  • Feb 5, 2018
    813
    683
    93
    Ransomware වලින් බේරෙන්න Free Tool එකක්

    Ransomware වලින් බේරෙමු :):)

    මන් දැක්ක එලකිරි එකෙ කිහිප දෙනෙක්ම Ransomware ඉන්ෆෙක්ට් උනා කියල දාල තිබ්බා.

    Ransomware වලින් බේරෙන්න කරන්න පුලුවන් Basic දෙවල් කිහිපයක් දාන්න හිතුනා ඒක නිසා..

    What is a Ransomware ?

    Ransomware is a form of malware that encrypts a victim's files. The attacker then demands a ransom from the victim to restore access.


    What to do if I'm infected?

    එක ගැන මන් මෙතන දාල තියනවා.

    Basic Steps you can follow after the infection.

    1. PC eka Safe Mode ekata aran, Malware-byte , Kaspersky Virus Removal Tool and Emsisoft Emergency Kit eken scan karala virus eka remove karanna..

    2. Ransomware Name eka identify karaganna mey site eka use karanna..
    https://id-ransomware.malwarehunterteam.com/

    3. Eka base karagena decryption tool ekak develop karala tiyanawada balanna. tibboth goda.. nattan restore point ekak wath irturu wela nan hari.

    decryption tools

    https://www.avast.com/ransomware-decryption-tools

    https://www.emsisoft.com/decrypter/

    https://noransom.kaspersky.com/



    How do I protect myself from ransomware?

    1. Install a Good Antivirus

    Antivirus List: http://www.elakiri.com/forum/showthread.php?t=1903928

    2. Backup your important documents regularly

    3. Install “Ransom Buster - Trend Micro”

    මේක තමා මන් කියන්න ගිය Free Software eka.

    How it works:

    Simply select a folder to protect and “Ransom Buster” will automatically block unknown programs from accessing your protected files. So no Ransomware can encrypt your files.
    (E.g. – If all of your movies are at D drive, add D Drive to the protection. This program will not allow any Ransomware/Malware to change your files)
    • It allows only reputed and safe applications, such as Microsoft Office, Media players etc. to access your protected folders.
    • Works fine with your existing antivirus.

    Link : https://ransombuster.trendmicro.com/
     

    imhotep

    Well-known member
  • Mar 29, 2017
    14,845
    8
    35,411
    113
    Thanks for the helpful post. But the sad fact is none of these can give you absolute protection against ransomware.

    As a home user you can only rely on backups and keep the OS & virus scanner updated.
    In a corporate environment we have many other protective mechanisms in place that prevents the ransomware getting in to the users machine. This is the best form of defense.

    In most instances the data cannot be fully recovered. It's a known fact that even data recovery companies do pay the hackers to get the data decrypted.
    eg read
    https://www.bbc.com/news/uk-48881959
    https://www.theregister.co.uk/2019/06/24/red_mosquito_rm_data_recovery_ransomware/:sorry:
     
    • Like
    Reactions: Sam Walton

    Sam Walton

    Well-known member
  • Feb 5, 2018
    813
    683
    93
    Just turn on Ransomware protection in Windows defender.. Simple.

    Yes.. :) Defender's folder access control works the same way as above tool. But the things is many don't use Windows Defender due to it's low virus detection capabilities.

    Above mentioned tool is good for anyone who doesn't use Windows Defender or uses any other 3rd party antivirus.. :yes:
     

    Sam Walton

    Well-known member
  • Feb 5, 2018
    813
    683
    93
    Thanks for the helpful post. But the sad fact is none of these can give you absolute protection against ransomware.

    As a home user you can only rely on backups and keep the OS & virus scanner updated.
    In a corporate environment we have many other protective mechanisms in place that prevents the ransomware getting in to the users machine. This is the best form of defense.

    In most instances the data cannot be fully recovered. It's a known fact that even data recovery companies do pay the hackers to get the data decrypted.
    eg read
    https://www.bbc.com/news/uk-48881959
    https://www.theregister.co.uk/2019/06/24/red_mosquito_rm_data_recovery_ransomware/:sorry:

    Yes.. Traditional Signature based antiviruses cannot effectively protect users from Ransomwares or newly emerged malwares.

    Apart From the backups, Best thing is to go for the applications that will harden the system by allowing only the reputed applications to run.

    Many antivirus firms started implementing this including Kaspersky (kaspersky trusted applications mode). Even Though this also can be bypassed, possibility is very low.
     
    Last edited:

    Sam Walton

    Well-known member
  • Feb 5, 2018
    813
    683
    93
    Traditional security software uses a blacklist approach; which is a list of all known malicious files, and prevents them from running.

    Unfortunately, this list changes day-by-day, perhaps even minute-by-minute. Thus making it impossible to keep it up to date. With this approach, there will always be a victim. In order for a bad file to be identified, it infected someone, somewhere.

    With whitelisting, there is no victim. Only tested, safe programs and files can run. Simple as that.

    [Copied]
     

    imhotep

    Well-known member
  • Mar 29, 2017
    14,845
    8
    35,411
    113
    Yes.. Traditional Signature based antiviruses cannot effectively protect users from Ransomwares or newly emerged malwares.

    Apart From the backups, Best thing is to go for the applications that will harden the system by allowing only the reputed applications to run.

    Many antivirus firms started implementing this including Kaspersky (kaspersky trusted applications mode). Even Though this also can be bypassed, possibility is very low.

    Quite true. Running an enterprise network we have domain based GPO restrictions in place, all emails are scanned for malware or suspicious attachments, and we do monitor the network as well. It's not easy for ransomware to creep in and therein lies the protection.

    With a home user things are different. They log in as Administrators or use an account with admin rights, they download and run cracks :oo: - or what they think as a crack - but sadly its ransomware!
     

    Sam Walton

    Well-known member
  • Feb 5, 2018
    813
    683
    93
    Quite true. Running an enterprise network we have domain based GPO restrictions in place, all emails are scanned for malware or suspicious attachments, and we do monitor the network as well. It's not easy for ransomware to creep in and therein lies the protection.

    With a home user things are different. They log in as Administrators or use an account with admin rights, they download and run cracks :oo: - or what they think as a crack - but sadly its ransomware!

    You are absolutely right bro.. :yes: We disregard one of the most valuable defense against viruses: Common Sense
     

    Sam Walton

    Well-known member
  • Feb 5, 2018
    813
    683
    93
    Just turn on Ransomware protection in Windows defender.. Simple.

    Thanks for the helpful post. But the sad fact is none of these can give you absolute protection against ransomware.

    As a home user you can only rely on backups and keep the OS & virus scanner updated.
    In a corporate environment we have many other protective mechanisms in place that prevents the ransomware getting in to the users machine. This is the best form of defense.

    In most instances the data cannot be fully recovered. It's a known fact that even data recovery companies do pay the hackers to get the data decrypted.
    eg read
    https://www.bbc.com/news/uk-48881959
    https://www.theregister.co.uk/2019/06/24/red_mosquito_rm_data_recovery_ransomware/:sorry:



    Rep ++