PDA

View Full Version : RansomWhere - Ransomware detection tool for macs



lclev
04-21-2016, 12:26 PM
I found this article about a free tool to help combat ransomware on a mac. After reading the article I got the feeling the tool was one that kinda offered to close the barn door after the animals already got out - so to speak.

The tool works to tell you when an infection is present and already at work encrypting your files. Nice idea but I would like it better if the tool either prevented an infection or if one was present, stopped it and unencrypted my files. Also the author admits the tool can be circumvented and has been. I did think the best part is the tool will let you decide if you want to stop the encryption - OR - let it go on!!! Wow, what a choice. (Oh yes, encrypt my files - please proceed! :Smirk: )

http://thehackernews.com/2016/04/ransomware-detection-tool.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers +News+-+Security+Blog%29&_m=3n.009a.1221.fe0ao06xsz.pcj

Thoughts or opinions?

Lisa

elf69
04-21-2016, 02:17 PM
i use the free beta malwarebytes anti ransomeware on my windows computer and it stop them encrypting your data as it starts on boot.

harryb2448
04-21-2016, 06:35 PM
Member Rndy B Singer some time ago recommended a little app called ScsamZapper.

chscag
04-21-2016, 08:53 PM
As Harry stated.... ScamZapper is available for free. Here's the download link (https://sites.google.com/site/appleclubfhs/downloads/scamzapper-download). And a question for anyone... Is there ransomware for the Mac? If there is, I haven't heard of it. Link please....

lclev
04-21-2016, 09:30 PM
Did anyone read the link I posted? And ScamZapper, I don't believe addresses the issue of ramsomware that has already been introduced.

In the article they reference a specific ransomware that targets macs called KeRanger. Here is the link about it: http://thehackernews.com/2016/03/mac-os-x-ransomware.html

Granted it seems this little ugly is bundled with bit-torrent software so that is one in the plus column for safe surfing.

Lisa

chscag
04-21-2016, 09:48 PM
If that's the one which was supposedly bundled with Transmission, I believe Apple shut that down. Also, Transmission was updated. We recently had a member that stated she used Bit Torrent software and specifically Transmission. We continually warn folks about staying away from Bit Torrent clients because of the danger of malware.

lclev
04-21-2016, 10:28 PM
If that's the one which was supposedly bundled with Transmission, I believe Apple shut that down. Also, Transmission was updated. We recently had a member that stated she used Bit Torrent software and specifically Transmission. We continually warn folks about staying away from Bit Torrent clients because of the danger of malware.

I totally agree. I started the threat because I found the whole concept of a product that would search and attempt to stop file encryption after an infection - which most would not realize until the ransom pop hit - was a bit comical.

Just found it interesting.

Lisa

Rod Sprague
04-22-2016, 02:37 AM
I know it's broadly advised not to download bit torrent files for risk of malware but one would also have to include downloading software from some 3rd party sites, purchasing anything online from online resellers, visiting chat rooms and dating sites, subscribing to any site that may pass on your details to another party (especially if you use your primary email account), using Facebook credentials to log on/register to any site, linking your credit card details to anything that claims it will not charge you, they just want ID or proof of age etc,etc,etc.
Everyone should know that even an eBay account may be hacked I know mine was years ago, the list is endless.
The point is even the Apple App Store has Bit Torrent Clients and like all online search engines it may take you places you may later regret but there are reputable file sites in so far as they attempt to control the quality of the content with strictly enforced rules of conduct and a reporting and banning process. Some have strong community values offering support and information for free provided by long term members who volunteer their time to support users.
We could of course argue the legality of these sites but like Uber Taxis' what's illegal today may be legal tomorrow. Here in Indonesia I often download Australian TV series, I don't sell them or even give them away, and after I've watched them I trash them. I could of course use a VPN to watch via iView or similar but that too is borderline illegal. If they were available on a bootleg DVD, as almost eveything is here eventually, I would be contributing to yet another "illegal" industry and creating a much bigger carbon footprint than simply downloading a temporary file. I could subscribe to NetFlix but it's not available here thanks to Indonesia's draconian censorship regulations.
I think we all need to exercise caution on the World Wide Web but lets be alert rather than alarmed and not dismiss certain sites or download methods out of hand just because some people have had bad experiences with them.