CyberSight, a new computer security company based in California, released the first version of the anti-ransomware software RansomStopper yesterday.
RansomStopper is available as a free version for non-commercial use, and a paid version for commercial and Enterprise use.
The program is compatible with Windows 7 and newer versions of the Microsoft Windows operating system, and CyberSight promises that it will stop ransomware before encryption of data occurs.
Installation of the program is straightforward, as you just press next a couple of times to install the security application on the Windows machine.
You are asked to enter your name and email address afterwards, and need to verify the email address before you may use the program. RansomStopper displays the "enter your data" prompt until you have confirmed the selected email address.
The application itself offers little user controls. The interface lists four buttons at the bottom of the page that lead to allowed and blocked/quarantined processes, security alerts, and an update check.
There are not any settings available, which means among other things that you cannot whitelist processes proactively for instance.
The company explains on its website how RansomStopper works:
Our anti-ransomware software uses proprietary technology and machine learning to provide multi-layered defense against ransomware.
RansomStopper incorporates proprietary deception techniques and recovery and roll back technology to minimize file loss RansomStopper detects new and existing ransomware to protect from malicious encryption and file loss.
A press release offers additional information:
- Prevention: Applies machine learning on files pre-execution to prevent them from infecting your system
- Deception: Honeypots and on-demand traps to catch ransomware before it impacts files
- Detection: Kernel level behavioral analysis on processes and files in real-time
- Automatic Response: Automatically stops attacks, including Zero-Day attacks, by blocking processes and quarantining files
The use of honeypots to identify ransomware attacks is not new, but it is an effective method provided that it is done properly.
RansomStopper is a free anti-ransomware software for personal use. There are no independent tests available at the time that tested the software's effectiveness when it comes to stopping ransomware dead in its tracks.
The lack of options makes it a program that runs on autopilot for the most part. It does display notifications to the user when it detects suspicious activity, and provides options to manage allowed and blocked processes, but that is all you get right now.
My advise is to wait and see how RansomStopper performs in security tests before you give it a try. There are plenty of alternatives out there that have been around for longer. Check out our anti-ransomware software guide for suggestions.
Now You: Do you run anti-ransomware software on your system?