Home users, large or small organizations, public or private institutions, everyone could be a victim of ransomware attacks. It is, by far, one of the most successful methods cybercriminals are using to encrypt users’ files and ask for a ransom in return.

Online criminals (will) always look for innovative ways to infect a system or a network and targeting admin passwords through brute force attacks is an attractive method. We’ve seen cases in which attackers hack into unprotected remote desktop protocols and manually executed the ransomware.

Ransomware infections continue to cause serious problems for both individuals and companies that lose access to their valuable data. The impact of ransomware is devastating and such attacks usually happen due to bad IT hygiene and a minimum of security measures taken.

This is how a ransomware infection happens and can start by clicking on a malicious link received on the email or ending up a wrong and infected website:

simple ransomware infection chain 3

An antivirus solution standalone is not enough to fully protect your data

If you are currently using an antivirus solution to keep your data safe and secure, know that it can’t provide 100% protection. Online threats have evolved greatly and malicious actors became real “artists” in using creative ways to spread malware.

Antivirus is only a single layer of security that you need, but can’t keep up with the increasing number of malware attacks. It does a better job at covering threats like worms, viruses, trojans, while advanced malware strains (ransomware, phishing or social engineering threats) manage to evade AV detection.

Last year, massive spam campaigns like WannaCry or NonPetya could fly below the radar of antivirus software and go undetected during the first hours or days. The timing was crucial for both home users and organizations and we’ve seen the damages caused.

Here’s an example of a spam campaign we monitored and analyzed to see how long it takes AV engines to detect advanced malware. During this malicious campaign, cybercriminals tried to bait victims into clicking on a malicious link to deliver the NanoCore malware on their devices.

The results from VirusTotal showed that in the first day only 5 AV engines out of 64 could detect this malicious campaign. A few days later, 37 out of 64 engines could find it. This indicates a low detection rate for antivirus during the first stages of an attack.

Nowadays, cyber attacks are brand new and unlisted in antivirus databases, which are designed to sneak past your AV product and compromise your computer. People rely on antivirus as their only protective layer, but it’s just not enough. Antivirus is often ineffective in blocking ransomware attacks.

Nano Core Spam Campaign 2 1

Virus Total results

You can see other examples of spam campaigns explaining why AV detection for new malware remains low.

Why extra layers of security are needed

A multi-layer approach is needed to better fight ransomware infections that can spread quickly and harvest users’ data. This happens because the malware scanning is rather reactive than proactive. The newer a malware strain is, the harder will be for AV to detect it.

The purpose of a multi-layered security system is to stop cyber attacks on different levels, so they never reach the core of the system and essential information.

Malicious actors can find ways to manipulate the data that flows through your Internet connection to serve their malicious purposes.

We spend a large amount of time browsing the Internet, but have you thought about the danger you are exposed to? We believe that everyone should enjoy the web safely when navigating online.

To do that, you will need a tool that can help you filter the Internet traffic and eliminate all the threats out there that antivirus can’t block. A tool focused on proactive cybersecurity.

We believe that you shouldn’t wait for something bad to happen to improve your online safety and protect your digital assets.

What Thor Foresight Home can do for you

If you didn’t know about our product, Thor Foresight is built to protect its customers from attacks like ransomware traditional antivirus can’t detect.

Thor Foresight Home can block different ransomware infection sources such as malicious email attachments, infected links you may receive in your email, infected web pages or malicious web apps that appear legitimate at first, but aimed at spreading ransomware.

Here’s how Thor Foresight Home works and how it can stop a ransomware infection in 4 different stages:

how Heimdal PRO blocks

Thor Foresight Home is an antimalware solution that includes three layers of protection against ransomware.

1. Traffic scanning and filtering

With its DarLayer Guard feature, Thor Foresight proactively scans for all your incoming and outcoming Internet traffic to identify all types of malicious connections.  It does that by changing the DNS (Domain Name System) for IPv4 and IPv6 to a different address and block a malicious web address.

When the engine is enabled, Thor Foresight will apply a filter on the network adapter that will scan for infected sites and other web locations (servers, online ads, etc) with the potential to install ransomware on your devices.

In the image below, on the right side, you can see how many web traffic scans Heimdal has performed on your system in the last 7 days and how many web addresses were blocked.

You should know that all the filtering process takes place quickly and will not affect your Internet connection speed.

Traffic filtering layer

2. Detection and blocking of advanced malware (VectorN Detection)

The Malware engine analyzes potentially malicious code to detect and block ransomware attacks. It compares the signatures of the files on your PC with our constantly updated database to find any matches.

With the malware scanning feature, Thor Foresight Home works proactively to detect and block second generation malware like ransomware that tries to compromise users’ endpoints and encrypt their files. All websites you are accessing are scanned and verified in our internal database.

You can choose to turn it off, but we don’t recommend doing it, because it will decrease your protection level.

VectorN Detection feature works hand in hand with the DarkLayer Guard feature and tries to search and detect for patterns in the number of blocks that DuarLayer Guard records. It uses Machine Learning Detection (MLD) to perform an in-depth analysis of all incoming and outgoing HTTPS, HTTPS, and DNS traffic.

You can see in the image below how many malware scans Thor Foresight Home has completed on a system in the last 7 days, as well as how many malware strains Heimdal has cleaned from your PC in the same frame time.

Malware Detection feature

3. Automatic and silent patching feature was created to silently keep your software programs and applications, including operating system, up to date and patched, without annoying you with notifications.

In Thor Foresight Home, the patching system is split into two sections:

  • software patching (designed to monitor and update the programs installed on your computer and details about them) 
  • recommended software (here you’ll find programs Heimdal recommends to install that will automatically be inserted into the software patching list).

Software Patching system


To better handle ransomware attacks, you need to see the bigger picture and take all the security measures to prevent these attacks.

Use this anti-ransomware protection plan and better secure your endpoints against ransomware.

What you should know is that Thor Foresight Home is compatible with any antivirus product available on the market that will block threats at their root. An anti-malware solution isn’t meant to replace your AV product, but complement it, so users can benefit from multiple layers of protection to better fight against ransomware.

With both software products installed on a PC, more security gaps are closed and you can enhance online safety.

Please let us know what you think of our product and what other features you’d like us to include. Your feedback is important.

The easy way to protect yourself against malware
Here's 1 month of Thor Foresight Home, on the house!
Use it to: Block malicious websites and servers from infecting your PC Auto-update your software and close security gaps Keep your financial and other confidential details safe


Try Thor Foresight
2017.10.09 SLOW READ

How Cybercriminals Change Tactics During Their Cyber Attacks

What is Ransomware
2017.05.15 SLOW READ

What is Ransomware – 15 Easy Steps To Protect Your System [Updated]

Proactive Cyber Security

Proactive Cyber Security – Your Lifeboat for Rising Above the Tide


Thanks Ioana, really great article!

Hello, Jonas! Thank you so much for your feedback!

thanks for sharing such an informative content with us.I have been using Norton Anti-virus since many years and it has many cool features.
to install Norton anti-virus visit

E-sync security is the Chennai based company which deals with all type of electronic security systems Chennai and outer with excellent customer support. We provide high resolution surveillance security systems for both domestic and commercial applications. From single camera to multi-site camera configuration, we will design a security systems that meets your surveillance security requirements. It is one of the few company which believes “SERVICE FIRST”

There are many viruses created by some criminally minded people to make other users face problems while using their systems where antivirus play important role in preventing from those viruses, still, if someones pc or any other device is infected then they can contact Asus router support to get help

Before reading this post, I am also one of those who doesn’t believe in another layer for the antivirus. But this information is important for understanding that this is so important for the antivirus.
Lenovo Contact Number

Nowadays viruses are getting very dangerous, Glad to know that someone is proving a good antivirus software, needed that! Thank you and keep the good work up!

Antivirus, they are playing an important role in solving the virus problems. Because of the virus, users has to face lots of problems on regular basis.
The above shared article is very good as it shares very good information regarding the antivirus which is very important for all the computer users.
If you are facing virus related issues on regular basis and looking for the solution, click on the given link to solve all your problems-

Avast Customer Service

As always Ioana, covering security in a most timely fashion. Robert

Hello, Robert! Thank you so much for your feedback! I am doing my best to offer useful insights and valuable information. Thanks for reading our blog and please let us know if there’s any particular topic you’d like us to write about.

Leave a Reply

Your email address will not be published. Required fields are marked *