Hackers create software to dribble antivirus in attacks to browsers (check this)

Discussion in 'other anti-virus software' started by dah145, Oct 18, 2006.

Thread Status:
Not open for further replies.
  1. dah145

    dah145 Registered Member

    Joined:
    Jul 3, 2006
    Posts:
    262
    Location:
    n/a
    It is HERE (translated)

    Bad news for AVs :'(
     
  2. VikingStorm

    VikingStorm Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    387
    Don't exactly understand what it is due to machine translation, but doesn't it depend on the browser having unpatched vulnerabilities?
     
  3. dan_maran

    dan_maran Registered Member

    Joined:
    Aug 30, 2004
    Posts:
    1,053
    Location:
    Stamford, CT
  4. dah145

    dah145 Registered Member

    Joined:
    Jul 3, 2006
    Posts:
    262
    Location:
    n/a
  5. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    This should be interesting. A good heuristics engine should be able to catch it well enough, and those without good heuristics will need to create strong generic signatures...
     
  6. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    Have Kaspersky and F-Secure got good enough heuristics to catch it?
    Or will their HIPS stop it?
     
  7. austin1257

    austin1257 Infrequent Poster

    Joined:
    Sep 24, 2006
    Posts:
    31
    Greenborder Pro would stop it.
     
    Last edited: Oct 19, 2006
  8. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Kaspersky 6.0 with Proactive Defense Module enabled should be able to stop it.

    Not sure about F-Secure, though. Mostly F-Secure 2007 should be able to protect too. Most other KAV clones may not offer good enough protection against this kind of threat at the current time. However, if Kaspersky does release its new heuristic engine soon, all products using KAV engine should be able to provide some degree of protection against this kind of threat.
     
  9. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    Thanks, and F-Secure's "deepfreeze" should protect me.


    lodore
     
  10. Atomic_Ed

    Atomic_Ed Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    389
    I looked at the deepfreeze product a few years back but never got the chance to actually try it myself. Do you recommend this product? I personally think the concept will eventually be the only method to protect Internet-connected computers in the future as exploits become more and more complex in their evading abilities, as well as if MS locks their kernel and no really effective AVs can be developed. If you could give me your thoughts on using deepfreeze I would appreciate hearing them.
     
  11. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    Whoops, sorry, you got what I said wrong. I'm talking about F-Secure's HIPS called deep freeze. I'm not talking about deepfreeze as in frozen snapshot. Sorry for the misunderstanding.

    I don't know why F-Secure called its HIPS deep freeze, though.
     
  12. Atomic_Ed

    Atomic_Ed Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    389
    OK, no problem. I hate it when companies name different products the same thing.
     
  13. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    I did just watch a video of the deep freeze frozen snapshot program and it does seem good. It could be useful for internet cafes, so it doesn't matter what those idiots there do lol.
     
  14. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    F-Secure's improved proactive protection technology is called DeepGuard, not Deepfreeze. :)
     
  15. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    Whoops, sorry, I got it wrong IMO
     