PREVX 3.0 failed on August 2011 MRG EFFITAS test.

Discussion in 'Prevx Releases' started by Knighthood, Aug 24, 2011.

Thread Status:
Not open for further replies.
  1. Knighthood

    Knighthood Registered Member

    Joined:
    Mar 22, 2011
    Posts:
    98
    PREVX 3.0 failed on August 2011 MRG EFFITAS test. What is the deal here?

    Thanks.
     
  2. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    We don't have any additional information other than what was posted in the PDF so I couldn't really say why at this point.
     
  3. AnonRogue

    AnonRogue Registered Member

    Joined:
    Jul 18, 2011
    Posts:
    10
    Enough with this MRG crap, these guys are fools. They are crypting their exe and using it to test. What's the point of that? I can do that too and bypass all security vendors... I got 782 samples from the last 6 days and so far 760 are blocked by Prevx, that's a real test for you...

    Silent bypass is due to "CodeDom" encryption which hooks into a loaded exe.

    Most crypters will inject into the "svchost.exe", "winlogon.exe" or "explorer.exe".
     
  4. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,771
    Location:
    Outer space
    The point is not to test detection but to test the protection against keylogging etc. (in this case SafeOnline).
     
  5. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,771
    Location:
    Outer space
    Any update on this?
     
  6. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    No, we haven't heard anything, but we have re-verified our protection against all major identity theft trojans in the wild now (Zeus, SpyEye, Carberp, Silon, URLZone, to name a few) and we fully protect against them.
     
  7. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,635
    Location:
    UK
    I thought MRG were supposed to send missed samples to the vendor that didn't react to same?
     
  8. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,771
    Location:
    Outer space
    Just got an answer from Chris: they do send missed samples to the vendors, but this is their own built simulator. However, the vendors will get remote access to the testing VMs and support from MRG to protect against the simulator.
     