Blog Post Shout-out: Potential for Ransomware to Leverage Windows EFS

Related to my previous post detailing my tests of anti-ransomware software that could compliment existing anti-malware software, I wish to provide a respectful shout-out to the following post from SafeBreach. It details their results testing a proof of concept of using the built-in Encrypting File System (EFS) capability of Windows in order to encrypt a victim’s files rather than writing their own means of doing so:

https://safebreach.com/Post/EFS-Ransomware

Please review the list of anti-malware and anti-ransomware solutions available within the SafeBreach post. If yours is not on the list, contact the vendor to ask if such a change will be added soon? If you are certain you will not being EFS, disable it using the Windows Registry (defined) changes suggested in their post.

Thank you.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.