Gandcrab Trojaner

Ransomware such as Locky, WannaCry and GandCrab has been making headlines lately. Criminals use this type of malware to gain access to individual files or the entire computer. At the same time, they prevent access by the rightful owner by means of encryption. The owner is allowed access only after a ransom has been paid.

In addition to software downloads from insecure sources, email attachments are the largest gateway for ransomware. Examples for this are fake email applications that contain infected files instead of application documents. These files potentially paralyse HR departments or even the entire company. In a recent case, the ransomware Gandcrab hides inside of an .exe file which is in turn part of a ZIP file attached to a fake email application. 

NoSpamProxy neutralises such threats before the malicious attachment can cause harm to users’ computers. The powerful NoSpamProxy content filter detects hazardous content even if it is attached to an email as part of a ZIP file and rejects the entire emailNoSpamProxy can be configured to filter for certain file types, file names or a minimum or maximum size of the files. In addition, password-protected or nested ZIP files can be completely removed, or the complete email can be rejected. Potentially existing malicious code is fended off in any case. 

Protection against ransomware means above all protection against malicious email attachments. The intelligent attachment management in NoSpamProxy also offers protection against malicious code in Word, Excel or PDF files through Content Disarm & Reconstruction (CDR). This way, only non-critical attachments find their way into employees’ mailboxes.