I would love to know which AV's he could evade with this trick. Nowadays, AV's should be able to detect malware with behavioral technologies, and that should not be easy to bypass.
I dont think AV is a problem for malware creators, when an AV alerts you that an application, running in the background is making an internet connection that you did not initiate, you will know THAT developer is not just another snake oil salesman like all the rest. Until then, AV will remain the standing joke in the malware creating fraternity that it always has been.
Yes, but I assumed that these crypters can only fool AV's that make use of signatures and heuristics. Nowadays they also do pre-execution behavioral analysis which should make them classify malware they have never seen before as suspicious. That's why it would be interesting to know which AV's he could bypass. Personally I rely mostly on post-execution behavior blocking.
Packing and encrypting malware is nothing new. Neither are "AV detection" stress testing activities by malware developers. However, running a for-profit service to assisting in such activity is illegal aiding and abetting criminal activity.
LOL, back in 1996 it was the first AV I ever used, it came pre-installed with IBM Aptiva desktops. Even then it was a resource hog.
