How many viruses are made by anti-virus companies?

Discussion in 'other anti-virus software' started by sg09, May 26, 2011.

Thread Status:
Not open for further replies.
  1. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    See here
    http://www.emsisoft.com/en/kb/articles/tec110601/
     
  2. Nevis

    Nevis Registered Member

    Joined:
    Aug 28, 2010
    Posts:
    786
    Location:
    255.255.255.255
    it might be contradictory and many people and devloper wont like it here but I dont agree with it and I have proof thats its not correct .. i cant give much disclosure on this though
     
  3. tekkaman

    tekkaman Registered Member

    Joined:
    Sep 22, 2008
    Posts:
    164
    It makes sense . There are so many viruses made each day I find it's convenient to write viruses and then sell the medicine ^^. It's business. I know there are hackers that write viruses. But so many every day ? I think to make a quantity so high companies of paid individuals can make more viruses than a single bored guy in his appartment.
     
  4. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,047
    Location:
    USA
    There may have been a time when I would have believed that anti-virus companies would have done this to sell products (back in the 90's). But at this point they are losing the battle so I doubt they would do this to themselves. :ouch:
     
  5. Coldmoon

    Coldmoon Returnil Moderator

    Joined:
    Sep 18, 2006
    Posts:
    2,981
    Location:
    USA
    @ Nevis and tekkaman,

    Extraordinary claims require an equal quality of evidence. The article makes one important point (as the OP notes in his citation), but the real point would be that to do as you suggest would be both unethical (in the extreme) and potentially criminal. The mere suggestion that an AV company engaged in such activity would severely damage both their reputation and credibility at a minimum with long lasting consequences for their long term viability as a company.

    This means that you would have to prove that not only did company "A" create the malware, but also was responsible for distributing same to the wild. There is no incentive for a real security provider to do this and I have never seen this done or even suggested during my own career spanning the past decade...

    JMHO
    Mike
     
  6. tekkaman

    tekkaman Registered Member

    Joined:
    Sep 22, 2008
    Posts:
    164

    Doesn't it strike you as suspicious when only one AV detects a threat ? Then after a while the others will follow hehe.
     
  7. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    If you know how things work, you don't wonder about that at all.
    Companies use honeypots to capture malware and some just happen to capture that very sample faster than competitors. Same thing usually works in reverse the other time.
     
  8. Nevis

    Nevis Registered Member

    Joined:
    Aug 28, 2010
    Posts:
    786
    Location:
    255.255.255.255
    I hope what you say is true for majority .. i know that its not true 100 % .
    we just saw 1 company who engaged in such activity. Obviously the big giants would not leave any easy proof

    I would not discuss it more now :)
     
  9. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    I doubt it "officially" happens and is probably not part of the company policy. But nobody can legally control what employees do in their spare time. So if someone slips some money for "unofficial" work, it could very well happen. But in such cases the AV company is not responsible for it (at least not directly).

    So, if I consider some ultra-big conspiracy theory, it probably might be happening and nobody but the highest guy up will be knowing about it :D

    But let's get real......there are certain goofups everywhere, it doesn't mean that the company is actively involved in such things. It isn't much of a financial gain for an AV vendor to develop malware. It's similar to dropping a drink on someone's food and then getting accused of being out to "get" him....(which may or may not be true, but in most cases isn't) :D
     
  10. Dwarden

    Dwarden Registered Member

    Joined:
    Apr 11, 2003
    Posts:
    176
    Location:
    Czech Republic
    more malware is written for mafia, industry espionage and espionage agencies ...

    so whole point is moot
     
  11. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Just another reason not to buy antimalware software
     
  12. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,115
    Just another reason why I should not rely on signatures.
     
  13. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I don't think anyone would disagree with that. Relying solely on signatures/ blacklists is silly.
     
  14. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,214
    Whether it happens or not it doesn't change the fact that malware is here to stay. Politically motivated distribution of viruses (with specific targets in mind) by government officials is increasing (stuxnet is an example), recently a large banking conglomerate in South Korea has been successfully cracked allegedly by North Korean cyber attacks, Chinese cyber attacks to US systems have been going on for a while (nobody knows for sure who is behind them though).

    What I'm trying to say is that it is very difficult nowadays to draw a line between what is a criminal source and one paid by a legitimate source for whatever purposes. Experts from large AV companies might have been secretly asked for advice when government agencies need to take action.

    Ultimately it doesn't really matter who the source is, because the problem would still be around.
     
  15. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,047
    Location:
    USA
    No. When only one detects it then it is usually a false positive. If others follow it is because they are copying the first one. o_O
     
  16. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    There was a serious Rising accusation, but I think that's the exception.
     
  17. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,828
    Location:
    Last Breath Farm
    Huh?
    A mere suggestion would severely damage reputations and credibility?
    I don't think so.
     
  18. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
    Spot On!:thumb:
     
  19. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,723
    Location:
    localhost
    Yes, it does... after more than 5 years there are still users thinking of a certain security vendor having its software calling home secretely. No matter if it was a bug and it was fixed in follow-up versions and no matter if privacy was not violated whatsoever... :)

    Yeap, only case known. It does not make any commercial sense and there are enough viruses around nowadays in need of detection. They don't need to create them ad-hoc... even if they do, the effect will be null and the risk far outweighting the benefits.
     
  20. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,121
    Location:
    Pennsylvania.
    Whats this honeypot thing that's being used for malware capture?
     
  21. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,317
    Location:
    AmstelodamUM
    'Honeypots are closely monitored network decoys serving several purposes: they can distract adversaries from more valuable machines on a network, they can provide early warning about new attack and exploitation trends and they allow in-depth examination of adversaries during and after exploitation of a honeypot.

    Honeypots are a highly flexible security tool with different applications for security. They don't fix a single problem. Instead they have multiple uses, such as prevention, detection, or information gathering.
    ' link

    Or imagine security software companies setting up 'PC's' that function as if common users are using the net while clicking/downloading everything and everywhere (that's most used by the large majority of users).
    This way, those PC's will be 'infected' with drive-by malware/trojans, fake-AV's, etc.
    They try to catch those malware samples which they haven't seen before so they can write a signature/update their tech if necessary.
     
  22. FlimFlam

    FlimFlam Registered Member

    Joined:
    May 23, 2011
    Posts:
    42
    There it is, the DUH factor. Maybe they don't code the trojans out there, but they really DO want us to get infected.

    The question that should be raised here is whether or not the AV companies hold secret award ceremonies for the malware coders thanking them for their hard work.

    "Good Evening, this is the award for the Best Rootkit of 2011 - TDL4 or ZeroAccess"

    "And the winner for the Best Rootkit of 2011 goes to.....Blah Blah Blah"

    *applause*

    The winning malware coder team then walks up on stage to accept the award (a trophy) with every corporate AV logo in the world stamped on it.

    "I'd like to thank my parents for forcing me to learn programming and hacking when I was young rather than practice the piano like my friends."

    *laughter*

    "I'd also like to thank the AV industry for their continued support by convincing the public that they need their software rather than change their Internet habits and enable Windows security."

    *applause*

    "And I'd would really like to thank the public malware help forums of the world for showing us their step-by-step removal methods that has served us well in our dedication to make our future malware releases even better."

    *laughter* and *applause*

    "Thank you all for your cooperation and good night."

    *applause*
     
  23. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Whether or not they're involved in such activities, as far as I am concerned I'd would be merely speculating. Nothing more.

    But, they rely on FUD. I remember the Conficker hype. I remember watching a Symantec's spokesperson in the news telling people to hurry buying their crap, instead of saying what these people could actually do to prevent it.
     
  24. kwismer

    kwismer Registered Member

    Joined:
    Jan 4, 2008
    Posts:
    240
    yeah, yeah, people making similar claims are a dime a dozen, but they never actually prove it. they always have some excuse for why they can't name names.

    here's an example of why making a claim like that is so utterly useless: i have proof that you're actually an alien from another planet. documented evidence, video of your arrival, the works. i can't disclose it though.

    we both claim to have proof of our respective claims. at least one of us is full of it. unless we disclose the proof we claim to have and allow it to be analyzed, there's no way for anyone to know who's claim is credible and who is full of hot air.
     
  25. kwismer

    kwismer Registered Member

    Joined:
    Jan 4, 2008
    Posts:
    240
    a) there isn't that much unique malware being created. the article gives a number, but that number is almost certainly the number of distinct samples, not the number of unique malware instances. server-side polymorphism can pump out thousands of samples of the same malware that are each slightly different from one another.

    b) it's definitely paid individuals making the lion's share of the malware, but those paid individuals are not in the anti-malware industry. maybe you weren't aware of this, but there are all sorts of different criminal enterprises that can be performed with malware. that means the malware creators are getting paid, and paid handsomely, without any involvement from the anti-malware industry whatsoever.

    uuuhhh, no. why would that strike anyone as suspicious? for every piece of malware, somebody's got to be the first to find it. the malware doesn't magically appear in every company's inbox at the same time.
     
Loading...
Thread Status:
Not open for further replies.