Defending Against Ransomware with McAfee Threat Intelligence Exchange

By on

In a blog last week, I discussed CryptoLocker, a particularly nefarious family of ransomware, and how to defend against it.

I thought it would be worthwhile to demonstrate how McAfee Threat Intelligence Exchange can detect and stop malware like ransomware, even if the suspicious file has not been flagged as malware by antivirus signatures.

In addition to showing McAfee Threat Intelligence Exchange in action, I also show how McAfee Advanced Threat Defense performs deep analysis, including dynamic sandboxing and static code analysis, to confirm that the file flagged is malware and is indeed malevolent.

In the upcoming McAfee Labs Threats Report: May 2015, McAfee Labs will explore ransomware and the huge rise in the volume of attacks in Q1. As CryptoLocker and other forms of ransomware continue to morph and become more aggressive, it is vitally important to understand how ransomware works and what can be done to protect against it.

Leave a Comment

Similar articles

The authors thank their colleagues Oliver Devane and Deepak Setty for their help with this analysis. McAfee Labs researchers have discovered new Russian malware, dubbed WebCobra, which harnesses victims’ computing power to mine for cryptocurrencies. Coin mining malware is difficult to detect. Once a machine is compromised, a malicious app runs silently in the background ...
Read Blog