This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Ransomware Simulation Too (simulation of real ransomware and cryptomining infections)

Hi,

We ran a ransomware simulation tool on our network to test some infection scenarios and found that our Sophos anti-virus did not pickup the following varieties:

Collaborator

Encrypts files similarly to a common version of Critroni. However, it relies on different processes for file enumeration, movement and deletion.                             

Injector    

Encrypts files by injecting the encryption code into a legitimate process using a common approach.                          

ReflectiveInjector          

Encrypts files by injecting the encryption code into a legitimate process using an advanced approach.                          

SlowCryptor        Simulates the behavior of a ransomware variant that encrypts files slowly, to avoid detection by security products.     



This thread was automatically locked due to age.
Parents Reply Children