Size: 4.48 MB
Requires: Win 10 / 8 / 7 / Vista
Bitdefender Anti-Ransomware prevents your files from being encrypted
Bitdefender Anti-Ransomware is a combination Crypto-Ransomware Vaccine which allows users to immunize
by the following ransomware families:
their computers and block any file encryption attempts from Cryptowall and Cryptolocker also known as
Ransomware. Uses very little memory, about 8 MB. It is updated whenever possible and effective up to and
including the new 4.0 variant from Russia. It might not block all known variants due to the speed that
hackers change their software but it should protect you from most. Myself, and our malware team have
fought with this difficult infection and there is no easy way to remove it.
Bitdefender anti-malware researchers have released a new vaccine tool which can protect against known
and possible future versions of the CTB-Locker, Locky and TeslaCrypt crypto ransomware families by
exploiting flaws in their spreading methods.
“The new tool is an outgrowth of the Cryptowall vaccine program, in a way.” Chief Security Strategist
Catalin Cosoi explained. “We had been looking at ways to prevent this ransomware from encrypting files
even on computers that were not protected by Bitdefender antivirus and we realized we could extend the
A study conducted by Bitdefender in November 2015 on 3,009 Internet users from the US, France, Germany,
Denmark, the UK and Romania offers a victim’s perspective on data loss through crypto-ransomware:
50% of users can’t accurately identify ransomware as a type of threat that prevents or limits access to
Half of victims are willing to pay up to $500 to recover encrypted data.
Personal documents rank first among user priorities.
UK consumers would pay most to retrieve files
US users are the main target for ransomware.
About Petya Ransomware
MBR-Encrypting Ransomware Petya Gets Bitdefender Vaccine
The Petya ransomware that has been encrypting the NTFS Master File Table has recently been analyzed by
the Bitdefender research team and found to sport similarities with other ransomware families, such as
Chimera and Rokku.
This information could point to the same group of cybercriminals, except this time they’ve used advanced
low level programming skills to develop the Petya strand. However, because the encryption process was
flawed, our security researchers were able reverse engineer it and come up with a vaccine that makes
decryption a lot easier in case of infection. Particularly, users will be presented with the decryption
key, allowing immediate decryption.
An in-depth analysis of the Petya ransomware can be found in our “Petya Ransomware Goes Low Level” whitepaper
(Bitdefender-2016-Windows_Ransomware_Goes_Low_Level-Petya-Whitepaper.pdf), and here are some of its key findings:
> Potentially same developers as the ones behind Chimera and Rokku ransomware families;
> Works faster – Petya doesn’t encrypt files; it encrypts the NTFS Master File Table (MFT);
> Features its own bootloader and Kernel – few ransomware families have that;
> Reverse engineered by Bitdefender to offer a free tool that assists in decryption of NFTS MFT
(third-party tools have become available, but they’re more difficult to use).
Those who wish to avoid infection by this strand of ransomware can Download the Bitdefender Petya Ransomware Vaccine!
Thanks for downloading.