Malware hides behind the mouse

Discussion in 'malware problems & news' started by PJC, Oct 30, 2012.

Thread Status:
Not open for further replies.
  1. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
  2. Eww, that's obnoxious. I'd like to know what actual ITW malware does this though, and how it installs itself on end user machines in the first place...
     
  3. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,698
    It all begins with the initial infection; afterwards, what happens is meaningless.
    And you can't trust security companies to tell you about security.
    So Symantec blah blah is useless.
    Mrk
     
  4. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Several classic HIPS, even the old ones like SSM free, will intercept that hook and alert the user to the attempt.
     
  5. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    Yeah but not many people use HIPS. :D
     
  6. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    True. That said, conventional detection-based security is becoming impossible. This subject was originally in this thread. If you can trust the way Symantec counts malware (extremely hyped quantities), they're claiming a million new variants per day, which makes detection by identification a total joke. IMO, we're approaching the point where default-permit based security on PCs with average users playing administrator is not viable. I don't see a viable answer that works for the average user that still allows them to safely have administrator access. I don't believe that sandboxing will prove that durable in the long run. I wonder how long it will be before Windows won't allow a user to install anything that doesn't come through their store. IMO, it's going in that direction faster than most want to admit.
     
  7. jo3blac1

    jo3blac1 Registered Member

    Joined:
    Sep 15, 2012
    Posts:
    739
    Location:
    U.S.
    You forget about a couple of other alternative security apps:
    1) SD -> has never been overcome by malware
    2) AppGuard -> another one never bypassed by malware
    3) SBIE -> also never heard of anyone getting infected through it either

    I don't think that Windows can go 100% like iOS. There will always have to be a way for large companies to sideload custom-made apps.
     
  8. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I haven't used SD and AppGuard and am not familiar with their abilities/limitations. With Sandboxie, the developer has said that it is not as effective on 64-bit because of restrictions the OS places on legit apps.
     