RansoomWhere? je program (autor je Patrick Wardle) koji ima vrlo jednostavan zadatak.
Ovaj program omogucava blokiranje aplikacije/programa koji pokusava da izvrsi enkripciju fajlova na OS X-u.
Da bi se smanjio broj laznih uzbuna, postoji i White lista u kojoj se nalaze programi koje je potpisao Apple ili kojima vi verujete.
Mana ovog programa je sto on reaguje tek nakon sto je vec nekoliko fajlova enkriptovano ali i to je bolje nego da se sifriraju svi fajlovi.
Kao i svaki drugi program, kao sto kaze autor, i ovaj verovatno moze da se zaobidje sa nekom novijom verzijom ransomware-a
"RansomWhere? was designed to generically stop OS X ransomware," Wardle said in a blog post. "However several design choices were consciously made -- to facilitate reliability, simplicity, and speed -- that may impact its protection capabilities. First, it is important to understand that the protections afforded by any security tool, if specifically targeted, can be bypassed. That is to say, if a new piece of OS X ransomware was designed to specifically bypass RansomWhere? it would likely succeed."
Secamo se prvog ransomware programa za OS X - KeRanger
http://www.isrbija.net/showthread.ph...rrent-klijentu
Tekst sa
http://www.macworld.com/article/3059...x-for-now.html
https://objective-see.com/products/ransomwhere.html