MRG Banking Test

Discussion in 'other anti-virus software' started by 1000db, Jun 8, 2011.

Thread Status:
Not open for further replies.
  1. 1000db

    1000db Registered Member

    Joined:
    Jan 9, 2009
    Posts:
    718
    Location:
    Missouri
    hxxp://malwareresearchgroup.com/malware-tests/

    Some interesting results in this test. Its possible that vendors don't take it serious enough that their software is bypassed. Its also possible that the bypass is done in such a way that it would never occur in the wild. I normally find MRG's tests fairly interesting for what they are.

    Great job Quaresso! I've been watching this software for some time now and have been impressed by its performance. Very slightly disturbed about PrevX though.
     
  2. 1000db

    1000db Registered Member

    Joined:
    Jan 9, 2009
    Posts:
    718
    Location:
    Missouri
    Got it thanks. It's actually a different test than the Flash tests.:thumb:
     
  3. Sveta MRG

    Sveta MRG Registered Member

    Joined:
    Aug 16, 2009
    Posts:
    209
    Yes, this is a different test and merging two threads into one will create a lot of confusion once we resume (in few days) the Flash Test project .


    Regards,
    Sveta
     
  4. yongsua

    yongsua Registered Member

    Joined:
    Feb 9, 2011
    Posts:
    474
    Location:
    Malaysia
    So,may I know is MRG going to produce more Banking Tests just like the Flash Tests?
     
  5. Sveta MRG

    Sveta MRG Registered Member

    Joined:
    Aug 16, 2009
    Posts:
    209
    Well, not exactly like Flash Tests, but we will do more tests of this nature in 2011.


    Regards,
    Sveta
     
  6. 3x0gR13N

    3x0gR13N Registered Member

    Joined:
    May 1, 2008
    Posts:
    849
    Regarding Online Banking Security Report, June 2011
    -As MITB was used as an attack vector, that begs the question regarding the usage of "Virtual keyboards where applicable"- VKs are designed to protect against keyloggers not MITB attacks, so what's the point in using VKs?
    -Was Online Banking mode used for KIS 2011 (launches the browser in a protected sandbox which prevents 3rd party applications from modifying/accessing browser memory)

    Sorry if this is mentioned in the report, but didn't see it...
     
  7. Sveta MRG

    Sveta MRG Registered Member

    Joined:
    Aug 16, 2009
    Posts:
    209
    @ 3x0gR13N

    Firstly, in answer to your question about why use virtual keyboards – we did this as this is the only method of protection offered by one of the applications in the test.

    Secondly, yes, KIS was tested using the safe browser function.


    Regards,
    Sveta
     
  8. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,491
    Re: MRG Flash Tests 2011

    Downloading! :D
     
  9. 3x0gR13N

    3x0gR13N Registered Member

    Joined:
    May 1, 2008
    Posts:
    849
    OK, thanks for clearing that up.
    This is the first Banking test where I see Online banking mode/Safe run for websites of KIS being tested, it's unfortunate that it ended in a fail despite it being designed to combat MITB/financial threats.
     
  10. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,491
    Awww i wanted to see OA :D
     
  11. Hawk82

    Hawk82 Registered Member

    Joined:
    Feb 11, 2007
    Posts:
    29
    ...and avast! :mad:
     
  12. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,491
    But it seems that suites don't stand a chance since they rely too much on signatures. Whiles BB's and HIPS have a good chance of blocking it :D
     
  13. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,280
    Location:
    UK
    Any chance of including AppGuard in future tests?
     
  14. 1000db

    1000db Registered Member

    Joined:
    Jan 9, 2009
    Posts:
    718
    Location:
    Missouri
    That would be awesome. As I recall they included it late in the last test. Even though its intended to be a prevention app I think it passed.
     
  15. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,321
    Location:
    AmstelodamUM
    Minor comment regarding the publication/PDF layout; perhaps it's easier to rotate some pics so that the different software product names and scores are easier to read without needing to rotate neck+head?

    Just a suggestion. :)

    MRG report pic_1.JPG MRG report pic_2.JPG
     
  16. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,867
    Location:
    Outer space
    Avast's SafeZone passed, but because the simulator is not compatible with the SafeZone browser.

    http://forums.malwareresearchgroup.com/viewtopic.php?f=29&t=582
     
  17. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    It seems to me that according to this test, security softwares offer less protection for x64 compared to 32-bit.
     
  18. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,752
    Location:
    Toronto Canada
    No Prevx with SOL?
     
  19. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
  20. slider916

    slider916 Registered Member

    Joined:
    Aug 4, 2010
    Posts:
    58
    Zemana's impressive once again.
     
  21. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Wow, mainly failures, but good job to those that passed.
     
  22. Dave53

    Dave53 Registered Member

    Joined:
    Feb 23, 2009
    Posts:
    123
    I would also like to see how AppGuard does in these tests. :)
     
  23. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    I have 2 PDF reader-apps. Both of them will rotate 90 degrees quickly & easily. Perhaps your reader also has this capability.
     
  24. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Wish they test comodo HIPS, OA and GesWall.

    Very valid n nice testing indeed. :thumb: :thumb:
     
  25. Scoobs72

    Scoobs72 Registered Member

    Joined:
    Jul 16, 2007
    Posts:
    1,113
    Location:
    Sofa (left side)
    Testing Comodo and OA would probably show the sort of results they were getting with HIPS last year - "We found that the HIPS functionality against the simulator was generally poor, with most applications employing this functionality being unable to differentiate between its malicious behaviour and that of the legitimate control applications."

    I think the test is aimed at finding effective security solutions for non-experts, i.e. even if the malware is installed by the user, which of these products will provide clear indication of the compromise and which will continue to protect the users online banking credentials, despite the compromise.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.