Antivirus

How to test anti-ransomware: This is how we do it

Ransomware may not make the headlines quite as often as it did in the past, but it hasn’t gone away. In December 2018, for instance, a new threat apparently created by a single hacker managed to infect at least 100,000 computers in China, encrypting files, stealing passwords and generally trashing users’ systems.Antivirus companies like to…


Ransomware may not make the headlines quite as often as it did in the past, but it hasn’t gone away. In December 2018, for instance, a new threat apparently created by a single hacker managed to infect at least 100,000 computers in China, encrypting files, stealing passwords and generally trashing users’ systems.

Antivirus companies like to claim they’ll keep you safe, with vague but impressive sounding talk about ‘multi-layered protection’, ‘sophisticated behavior monitoring’ and the new big thing: ‘machine learning’. But do they really deliver?

The easiest way to get an idea is to check the latest reports from the independent testing labs. AV-Comparatives Real-World Protection Tests and AV-Test’s reports are an invaluable way to compare the accuracy and reliability of the top antivirus engines, for instance.

The problem is that the test reports only give you a very general indicator of performance with malware as a whole. They won’t tell you how an engine performs specifically with ransomware, how quickly it can respond, how many files you might lose before a threat is stopped, and other nuances. That’s exactly the sort of information we really want to know, and that’s why we’ve devised our own anti-ransomware test.

Ransomware simulator

It’s possible to test anti-ransomware software by pitting it against known real-world threats, but the results aren’t often very useful. Typically, the antivirus will detect the threat by its file signature, ensuring it never reaches any specialist anti-ransomware layer.

What we decided to do, instead, was write our own custom ransomware simulator. This would act very much like regular ransomware, spidering through a folder tree, detecting common user files and documents and encrypting them. But because we had developed it, we could be sure that any given antivirus package wouldn’t be able to detect our simulator from the file alone. We would be testing its behavior monitoring only.

There are weaknesses with this concept. Most obviously, using our own simple, unsophisticated code would never provide as effective or reliable an indicator as using real undiscovered ransomware samples for each review.

But there are plus points, too.

Read More

Be the first to write a comment.

Leave a Reply

Antivirus

Feds bust two fake antivirus sellers for millions in fraud

If you frequent certain portions of the internet, you’ve almost certainly seen pop-ups warning you that your PC is infested with all manner of creepy-crawly viruses. The ad is fake, and so is the software that it asks you to pay for, according to a new Federal Trade Commission lawsuit against a pair of phony

If you frequent certain portions of the internet, you’ve almost certainly seen pop-ups warning you that your PC is infested with all manner of creepy-crawly viruses. The ad is fake, and so is the software that it asks you to pay for, according to a new Federal Trade Commission lawsuit against a pair of phony antivirus sellers…
Read More

Continue Reading
Antivirus

Protect your computer from viruses for just $25

The 2024 edition of the ESET NOD32 Antivirus software features anti-phishing protection, malware blocking, and more…

The 2024 edition of the ESET NOD32 Antivirus software features anti-phishing protection, malware blocking, and more…
Read More

Continue Reading
Antivirus

Avast One review: Well-priced PC security with excellent protection

At a glanceExpert’s Rating ProsClean, uncluttered interfaceExcellent antivirus protectionWell-priced for its feature setConsFull scans affect PC performance when using Microsoft Office appsNo included password managerOur VerdictAvast One expands upon the company’s free security suite, with upgraded defenses against online threats and additional features. You don’t get just excellent antivirus protection…

At a glanceExpert’s Rating
ProsClean, uncluttered interfaceExcellent antivirus protectionWell-priced for its feature setConsFull scans affect PC performance when using Microsoft Office appsNo included password managerOur VerdictAvast One expands upon the company’s free security suite, with upgraded defenses against online threats and additional features. You don’t get just excellent antivirus protection…
Read More

Continue Reading
Antivirus

DeFi Exploits in February Cause Losses of $82 Million With Just $1.3 Million Recovered: Report

A report sent to Cryptonews by web3 app and antivirus solution De.Fi noted that $82,287,101 was lost in February 2024 from security incidents, with just $1,325,932 recovered. The post DeFi Exploits in February Cause Losses of $82 Million With Just $1.3 Million Recovered: Report appeared first on Cryptonews…

A report sent to Cryptonews by web3 app and antivirus solution De.Fi noted that $82,287,101 was lost in February 2024 from security incidents, with just $1,325,932 recovered.
The post DeFi Exploits in February Cause Losses of $82 Million With Just $1.3 Million Recovered: Report appeared first on Cryptonews…
Read More

Continue Reading