Any real-time software that uses non-traditional ways to find malware?
<blockquote data-quote="danb" data-source="post: 915925" data-attributes="member: 62850"><p>Thank you guys for testing, the results are extremely interesting for a lot of reasons. To make a very long story short, these samples were sent to me all in one folder, and the well-known vendor had me analyze the entire folder with VoodooAi and send the results back to them. It was not until the other night when I found the samples that I wrote a little code that sorted the files into the three folders, based on the results they returned to me. I have not manually inspected any of the files at all, but as I was saying, I trust their verdicts.</p><p></p><p>I should also mention that the vendor and I disagreed on one point for sure. The vendor believed that cracks, keygens, trainers, etc. should only be considered malware if they exhibit malicious behaviors on the actual endpoint. I personally believed, and still believe today, that if a file contains any malicious code, it cannot be considered Safe, simply because we have no idea what else it might contain. So that would explain why there will probably be some greyware in the Clean samples. Who knows, we might even find a bunch of malware in the clean samples, and vice-versa ;).</p><p></p><p>Either way, as McMcbrad previously mentioned, the results are going to be fuzzy at best, along with malware detection in general. It is scary to me that in this day and age new, non-whitelisted code is executing all over the world as people are carelessly browsing the web and checking email, especially with highly variable and inconsistent malware results.</p><p></p><p>And we wonder why cybercrime and malware infections increase year after year. Malware infections are no different from human virus infections... 
If everyone did their part and made it a point to not be so careless, we could make the malcoder’s “job” difficult enough that we might actually see a drop in malware infections. We are on a very dangerous path, as illustrated by the breaches that continue to occur on a daily basis.</p></blockquote><p></p>