Briton Pleads Guilty to Running Malware Services

Discussion in 'malware problems & news' started by ronjor, Jan 17, 2018.

  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,093
    Location:
    Texas
    By Eduard Kovacs on January 17, 2018
     
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    I would love to know which AVs he could evade with this trick. Nowadays, AVs should be able to detect malware with behavioral technologies, and that should not be easy to bypass.
     
  3. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,812
    I don't think AV is a problem for malware creators. When an AV alerts you that an application running in the background is making an internet connection that you did not initiate, you will know THAT developer is not just another snake oil salesman like all the rest.
    Until then, AV will remain the standing joke in the malware creating fraternity that it always has been.
     
  4. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Yes, but I assumed that these crypters can only fool AVs that make use of signatures and heuristics. Nowadays they also do pre-execution behavioral analysis which should make them classify malware they have never seen before as suspicious. That's why it would be interesting to know which AVs he could bypass. Personally I rely mostly on post-execution behavior blocking.
     
  5. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    Packing and encrypting malware is nothing new. Neither are "AV detection" stress testing activities by malware developers. However, running a for-profit service to assist in such activity is illegal aiding and abetting criminal activity.
     
  6. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    10,239
    Location:
    Lloegyr
    Probably Norton, there again all malware bypasses Norton lol.
     
  7. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
  8. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    LOL, back in 1996 it was the first AV I ever used, it came pre-installed with IBM Aptiva desktops. Even then it was a resource hog.
     
  9. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    10,239
    Location:
    Lloegyr
    I've heard it's improved recently. It couldn't get any worse lol.
     