New Tool Defends Against Petya Ransomware, Rootkits
A new tool defends against Petya ransomware – and as a bonus is also good against rootkits. “MBRFilter defeats Petya in a rather simple, clever way. MBRFilter is a driver that simply places the MBR into read-only mode. Therefore, ransomware like Petya cannot overwrite the MBR or otherwise modify its contents. … Although MBRFilter will not help organizations solve their problems with Locky, it has wide use beyond ransomware. ‘This should be effective at stopping all rootkits which require MBR modification,’ says [Craig] Williams.” MBR stands for Master Boot Record; you can learn more about it here.