This discussion has been locked.

CryptoWall 3.x detection

Does anyone know if Sophos endpoint protection 10.3.x is able to detect the new version of Cryptowall 3.x (Sophos may be calling it something else) that's been going around? I have not been able to get an answer out of support unless I submit a virus sample, which I don't have (thankfully). I don't imagine this is the first time they heard of it, but I have not been able to find any mention of this on Sophos's website.

  • We are running 10.3.x, and it has not detected nor stopped Cryptolocker or Cryptowall 3.0.
  • Hello UC,

    Cryptolocker or Cryptowall 3.0

    How did you identify the malware? What are your on-access settings (including behavior monitoring)?

    Anyway, did you send a sample?

    Christian

  • If you back up to a network-connected NAS drive, then do not forget that these are also vulnerable to ransomware. As a precaution, our backup drives are only permissible to two service accounts (not counting the local setup account, which could 'shell' in a pinch): one is not used on the network for any other actions and is used as a backup account; the second is the backup service account used only by the backup software. All other accounts are set to DENY access. This will ensure that the NAS is secure from the ransomware virus trying to encrypt the backups.

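The two-account policy described in the last reply can be checked mechanically against an exported ACL. The following is an added example, not part of the thread and not Sophos or NAS vendor tooling; the ACL text format, account names and rights letters are constructed for illustration.

```python
# Added example: audit a backup share's ACL against a two-account allowlist.
# Account names, the ACL line format and the rights letters are constructed.

ALLOWED = {"CORP\\svc-backup-admin", "CORP\\svc-backup-agent"}  # hypothetical names
WRITE_RIGHTS = {"F", "M", "W"}  # full, modify, write (constructed letters)

# Constructed sample: "<principal>  <ALLOW|DENY>  <right>"
SAMPLE_ACL = """\
CORP\\svc-backup-admin  ALLOW F
CORP\\svc-backup-agent  ALLOW M
CORP\\Domain Users      DENY  F
CORP\\jsmith            ALLOW M
CORP\\helpdesk          ALLOW R
"""

def parse_acl(text):
    """Return (principal, kind, right) tuples; principals may contain spaces."""
    entries = []
    for line in text.splitlines():
        if not line.strip():
            continue
        principal, kind, right = line.rsplit(None, 2)
        entries.append((principal.strip(), kind.upper(), right.upper()))
    return entries

def audit(entries, allowed=ALLOWED):
    """List every deviation from 'only the allowed accounts may touch backups'."""
    findings, seen = [], set()
    for principal, kind, right in entries:
        if kind == "ALLOW":
            if principal in allowed:
                seen.add(principal)
            elif right in WRITE_RIGHTS:
                # Any other writer is a path for ransomware to reach backups.
                findings.append(f"WRITE access for non-backup account: {principal}")
            else:
                findings.append(f"read access outside policy: {principal}")
        elif kind == "DENY" and principal in allowed:
            findings.append(f"backup account is denied: {principal}")
    for missing in sorted(allowed - seen):
        findings.append(f"expected backup account has no allow entry: {missing}")
    return findings

if __name__ == "__main__":
    for finding in audit(parse_acl(SAMPLE_ACL)):
        print(finding)
```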