Archivi tag: prevention

How to protect from Ransomwares: the RunAs approach

Ultimo aggiornamento: 09-09-2016

I don’t know if this tenchique just was released on blogs before December 6, 2015.


The first idea to defeat from Ransomware softwares are to use Virtual Machines for Internet navigation and email, just because they offer a good isolation (an example is my Fir3vuan project). The only problem is that they are too CPU/Memory expensive, primarily for old computers with Windows XP.
In this tutorial I’ll show you how to protect from Ransomwares as CBT, CryptoWall or Tesla using only Windows security features as Windows Integrity Mechanism (see also User Account Control)

The idea

My (simply) idea is to use the Integrity Mechanism: in Windows a standard user can’t access to Administrator files, so you can login into administrative account, but sensitive process as browsers, mailers, editors, etc.. have to run as standard user!
So if a Ransoware attack your pc, the files into standard user directory will be crypt and not them in Administrator directory. Continue reading How to protect from Ransomwares: the RunAs approach