Did you know that there are ransomware trojans with a code of conduct? For example: The DarkSide ransomware doesn't attack hospitals, schools, or government agencies.
However, all other victims face ransom demands between 200,000 and 2,000,000 Swiss Francs. Payable in cryptocurrency (mostly Bitcoin or Monero). If payment is not made, they threaten to destroy or publish the data. Never before have so many detections been reported as in 2020, with the number steadily increasing from quarter to quarter.
Maze has been active since late 2019 and is among the 10 most dangerous active ransomware. Here we present its basic functionality:
The execution of this ransomware is automatically prevented by our solution Cyber Protect.
Every malware has its individual behavior pattern. That's why we rely on Acronis and the renowned BitDefender engine (Behavioral Detection Engine) with our Cyber Protect solution to recognize these patterns immediately. Simultaneously, the patterns are matched with those in the cloud. This ensures that even unknown malware is detected immediately.
The 10 most dangerous malware and ransomware variants (Currently these are Maze, REvil, SNAKE, Nemty, NetWalker, Ragnar Locker, MegaCortex, CLOP, DoppelPaymer, Thanos) are automatically detected and stopped by Cyber Protect. Any already compromised files are automatically restored from backup.
Built-in self-protection functions prevent the Cyber Protection Agent from being terminated or the backup rhythm from being interfered with. A selection of behaviors that Cyber Protect recognizes and stops:
In each of the above cases, you will be immediately informed about the finding, including reporting on what led to the detection and what the process did. Additionally, a black and white list can be set up where processes or folders can be excluded from scanning.
If you would like to learn more about Cyber Protect or test the solution, we look forward to hearing from you.
Das sind weitere Beiträge, die Sie interessieren könnten.
Zur Blogübersicht