MBRFilter: Threats from Ransomware have increased exponentially and malware developers have begun to use MBR (Master Boot Record) in their attacks. In a few words; Locks the entire computer and not just a few tabs with important files.
Cisco Systems' Talos team has released a free, open source tool that protects the MBR domain of computers from being modified by bootkits, ransomware, and other malicious attacks.
This Master Boot Record (MBR) is the first partition (512 bytes) on your hard drive that the bootloader stores, a piece of code that is responsible for booting the operating system. Technically, Bootloader is the first code that is executed by the system BIOS and tells your computer what to do when it starts.
Advanced malware, such as rootkit and bootkit, take advantage of this process to infect computers by modifying the MBR.
A malicious boot or bootkit software can install ransomware or other malware in the Windows kernel, which is virtually impossible to detect, and thus get unlimited and unauthorized access to your entire computer.
So, the best way to protect your computer from such bootkits is to restrict your MBR from being replaced by unauthorized software.
The Cisco security team, Talos team, has done this with the following freeware software.
You can find it here.
The MBRFilter tool is nothing more than a signed system driver that puts the MBR in "read-only" mode and prevents any malware from modifying the MBR port data.
Registration in iGuRu.gr via Email