Evjl's Rain

It would be interesting to see WD's behavior here, in case the static detection fails.

https://malwaretips.com/threads/w-anna-cry-v2.71397/#post-630017
It's not easy to do a test with WD now because it's very likely to detect all samples by signatures. If we test it with outdated signatures and it triggers the cloud, it would block it, maybe.
The best way to test it is to wait until there is a brand new variant which is undetected by either signatures or cloud.
 

spaceoctopus

True, nothing is perfect, even Kaspersky, which is a top product. Remembering some time ago when they discovered a malware that infiltrated, and was lingering in their core infrastructures. Despite the high level of security at that level. Proof that nothing is 100% sure and effective.
 

Parsh

> True, nothing is perfect, even Kaspersky, which is a top product. Remembering some time ago when they discovered a malware that infiltrated, and was lingering in their core infrastructures. Despite the high level of security at that level. Proof that nothing is 100% sure and effective.

That alleged Duqu 2.0 based fileless malware resided for quite some time in their machines when they suspected unusual network activity.
That was a malware of a state-sponsored cyberattack level and detecting it ultimately helped them understand and analyse their technique to be prepared, and avoid spoofing in ways they understood.
 

spaceoctopus

> That alleged Duqu 2.0 based fileless malware resided for quite some time in their machines when they suspected unusual network activity.
> That was a malware of a state-sponsored cyberattack level and detecting it ultimately helped them understand and analyse their technique to be prepared, and avoid spoofing in ways they understood.

Yes, it was what I was talking about. But the interesting thing in this case is that, instead of attacking individual PCs, someone could attack any security provider in its main infrastructures and compromise every computer connected to it. Just seeing the case of WannaCry, it seems almost everything is possible.
 

Game Of Thrones

> True, nothing is perfect, even Kaspersky, which is a top product. Remembering some time ago when they discovered a malware that infiltrated, and was lingering in their core infrastructures. Despite the high level of security at that level. Proof that nothing is 100% sure and effective.

This is good, because the vendors that get hit by something like this will do better in the future to defend their infrastructures. Many others do not even know that they are compromised. Finding this kind of issue will help them to make better tactics.
 

Parsh

> This is good, because the vendors that get hit by something like this will do better in the future to defend their infrastructures. Many others do not even know that they are compromised. Finding this kind of issue will help them to make better tactics.

Truly said! That's one occurrence that Kaspersky could actually benefit from in terms of learning and being prepared, for themselves and their clients. You never can be sure if you're clean, and getting to know in itself is a feat.
Eventually, they would bring some radical improvement in strategies to deal with potential fileless malware and targeted attacks.
Against such fileless malware that Kaspersky reported in many financial institutes and enterprises, Kaspersky has implemented plans like their Anti-Targeted Attack Platform for advanced analysis and detection of such attacks.