The Bitdefender Antiransomware vaccine defends against the CTB-Locker, Locky and TeslaCrypt versions of crypto ransomware, by making your system appear as if it has already been infected by malware in the past.
Various strains of ransomware, such as versions of Locky and TeslaCrypt, often use a system where it will detect if a computer has been infected by the ransomware in the past and had its files encrypted. Bitdefender’s new software claims that it can fake these checks so if your computer ever encounters ransomware, the virus will skip it.
“The new tool is an outgrowth of the Cryptowall vaccine program, in a way,” said Bitdefender chief security strategist, Catalin Cosoi. “We had been looking at ways to prevent this ransomware from encrypting files even on computers that were not protected by Bitdefender antivirus and we realized we could extend the idea.”
The old Cryptowall vaccine program worked in a very similar way, but this could eventually be rendered useless and in need of an upgrade to keep up with how the ransomware itself is mutating and becoming more sophisticated.
Bitdefender’s newest tool covers even more versions of ransomware than before, but it is not an absolute remedy or outright prevention tool, either. Ransomware has been twisting into new shapes in recent times, including a strain that targets WordPress sites rather than actual computers. This means this new anti-ransomware vaccine shouldn’t be considered a long-term solution as more advanced threats may emerge sooner rather than later.
Bitdefender isn’t alone in its efforts to create ransomware vaccines. Sean Williams, a developer, is in the midst of creating his own software called Cryptostalker to prevent ransomware infecting Linux systems, while researcher Sylvain Sarméjeanne is working on a tool that combats Locky.