Security Projects

You are here:  Home > Anti Ransom

Anti Ransom

'Fighting against ransomware using honeypots'

AntiRansom is a tool capable of detect and stop attacks of Ransomware using honeypots.

 First, Anti Ransom creates a random decoy folder with many useless random documents (Word, Excel, PDF) and then it monitors the folder waiting for changes. When a change is detected, AntiRansom tries to identify wich process is the responsible of such change and then stops it and dump the memory process (hopefully the key or password that is being used by the ransomware is inside)

Antiransom uses well know tools like 'Handle' and 'Procdump' from sysinternals

Random folder with random documents