Can Anti-Viruses stop RATS that have their connection established?
<blockquote data-quote="cruelsister" data-source="post: 1049687" data-attributes="member: 7463"><p>One must not clump RATs and Stealers together. A RAT (Remote Access Trojan) must first connect out to malware Command and then be acted upon by the person on the other end. A stealer is much more widespread (especially now, where they are EVERYWHERE) and insidious as they will either collect and send sensitive browser data (like logins and passwords; some specifically will only go after financial thingies), then just send them out to Command without any need for the Blackhat to connect to the victim’s computer herself. Also recently popular are stealers that will package the contents of the Documents and Photos folders for transmission outward. Neither of these mechanisms will lead to an optimal result.</p><p></p><p>As long as the malware itself is known and the precise mechanism of data theft is also known, both traditional and non-traditional anti-malware applications should have no issue in preventing infection. However, for anything novel it can be that both the malware file itself as well as the remote malware Command IP are both unknown; in this case you would be screwed.</p><p></p><p>Best is a product that would both contain unknown files even if signed (and not previously vetted) as well as blocking any outbound connection of that file by default. A stealer can’t steal if it can’t communicate. But in the absence of installing such an application, in general an Outbound alerting Firewall is essential in the extreme.</p><p></p><p>Finally, it is important to note that Ransomware for the most part is a thing of the past. Stealers are much more lucrative and thus a whole lot more popular.</p></blockquote><p></p>