Jump to content

MBAE + MBAM and ransomware


Buddel
 Share

Recommended Posts

Taken from the Frequently Asked Questions of this forum:

 

Will MBAE stop rogue antiviruses and ransomware?

There are two types of attacks when it comes to rogue antivirus and ransomware campaigns. In the first type of attack, using social engineering to fool users, a webpage simulating an antivirus scan is shown and the user is prompted to download and install the solution to the problem (which is the malicious or rogue antivirus). In the second, more advanced and dangerous type of attack, the user is lured into visiting a malicious webpage which exploits one or multiple vulnerabilities to automatically and transparently run the rogue antivirus or ransomware on the target system without any user interaction. In the first type of attack we recommend running Malwarebytes Anti-Malware Premium as it provides the best and most timely protection against ransomware. The second type of attack will be blocked by MBAE as it does rely on exploiting software vulnerabilities to run automatically and transparently without user interaction.

 

+++++++++++++++++++++++++++++++++++++++++++++++++

 

Do MBAM Premium and MBAE Premium also stop the latest ransomware attacks or should I use additional software that has been specifically designed to protect computers from ransomware? Just asking because I don't want to install/use more programs than is really necessary. Thanks for your help in advance. BTW, I also use anti-virus software, but no anti-ransomware app.

 

PS: If there is a more appropriate forum here for this topic, please move my post there. Thank you.

Link to post
Share on other sites

  • Staff

The vast majority of ransomware attacks infect via exploits. So having MBAE will block most of the ransomware infection attempts.

 

If you have MBAE and receive a ransomware file via other social engineering means (email attachment, etc.) then MBAM should be able to detect and block it with its heuristics.

 

If MBAM does not detect the ransomware binary and you happen to become infected, the MBAM IP/Website blocker will most likely prevent the ransomware from going out to its Command & Control (C&C) Server to download the keys to encrypt your files, effectively preventing the ransomware from encrypting your files.

 

So with these 3 layers of protection offered by MBAM+MBAE I would say you are extremely well covered.

 

PS: MBAM is already detecting and blocking the latest CryptoWall 4.0 variants.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.