1 Reply Latest reply on Sep 15, 2016 2:28 PM by HermanSchenk

    HDDcryptor ransomware


      Has anyone heard or faced an issue getting encrypted by this? According to TrendMicro, it infects as a Ransom_HDDCryptor.A and as the name implies encrypts the HDD and the ransom demand etc.


      Here is a link I found from TrendMicro:


      TrendLabs Security Intelligence BlogBkSoD by Ransomware: HDDCryptor Uses Commercial Tools to Encrypt Network Shares and …


      Any inputs on how to stop/avoid this will be welcome.





        • 1. Re: HDDcryptor ransomware

          Hi you can use VirusScan Access control or EP 10.2 DAC to avoid

          • connection on port 80 from PEs running in %temp% folders ,
          • execution of DLLs from %temp%  
          • Execution of scripts (ej : JS, WFS, bat)
          • creation of DLL in a %temp% folder
          • from your email server anti-spam solution block attachments with scripts files...