Debunking 10 top myths about malware

Some of those assumptions seem somewhat made up.

I do not agree with all the answers, because they only answer a part of the spectrum. For example, a question - I'll know I'm infected because malware is noisy - it implies this is not true. The answer is this is ALSO true. Can be both. so it's not a myth. But it's not the WHOLE truth.

I can safely open attachment is another - It implies you cannot. However, I think that's not a myth. It's the matter of statistics. I do safely open attachments from family. It depends what they are. When me mom sends me the pics she took at our dinner, I know what they are. But if she were to send me an exe file, that would be different, no.

And what's with her photo ...

Mrk

 

I think the majority of the list is crap myself. As to that last "myth", I don't believe malware is created by the AV industry, but I certainly believe they are great at scaremongering and exaggeration.

 

"You can’t upload computer viruses to an alien spaceship from your Mac laptop,"

Right, I'm not buying a Mac then!

 

I can see it now, the mothership getting infected with alien porn pop-ups. I hope the distraction doesn't cause the poor souls to crash down to Roswell again. That first time didn't go so swell for them

 

Yeah but those old Roswell saucers were running Vista ...

 

She claims she has heard those things, and I'll take her word for it. Of course we know they are not true, but we're not average users.

 

Yeah I was thinking the same thing. Were did she come up with these myths.

 

I was told that toilet seats are a common cause of malware (or was that syphilis?).

 

“Malware isn’t really a problem anymore ...”
I completely agree with this "myth". It is hackers, who are really dangerous, not some automatic malware, from which you can easily protect from these days.

“I can protect myself from malware by not going on porn/warez sites.”
Not like you can get infected by going to porn/warez sites, unless they are fakes.

 

They forgot my favorite myth:

"A malware prevention test where all contenders block between 95% and 100% of samples is a good predictor of real world performance."

and my second favorite myth:

"All database based security application can only block malware that is known to their researchers."

 

Can you please elaborate?

It´s a privilege to hear directly from one of the developers of one of the most successful antimalware applications these days

 

"A malware prevention test where all contenders block between 95% and 100% of samples is a good predictor of real world performance."

When it comes to the crap I pull out of friends and families PCs it closely matches the crap I see most AVs miss when I go malware hunting. This is especially true for exploit drops. These have pitiful detection rates and this is expressed through the huge backlogs we see at the help forums.

AV testing would have you believe that the industry has this issue under control. Whenever I get sample packs used for testing I see a disproportional amount of PUPs/legit adware, patched (often patched and unpatched incorrectly) files and script kiddy MSIL/VB files when compared to reality. I generically call these samples "testing fluff". Testing is just starting to move towards more real world testing but I would really like to see more pressure put on this move.

"All database based security application can only block malware that is known to their researchers."

The vast majority of the stuff we block we have never seen before, my assumption that to a various degree this is true for a lot of database based vendors. It is possible to create signatures that take a wide variety of factors into account and then add in a certain level of flexibility into those factors allowing the signature to deal with unknown variants and even new infections.

Thanks

 

Thanks!