Comodo Internet Security 11 Review | Test vs Malware
<blockquote data-quote="509322" data-source="post: 761001"><p>It's common sense. And learn by doing.</p><p></p><p>Take a bunch of malware samples and just look at the file names and inspect the file Properties. That alone gives suspicious indicators.</p><p></p><p>Malc0ders are not all that creative. Just look at the file names of common run-of-the-mill malware.</p><p></p><ul> <li data-xf-list-type="ul">8.xls.exe that is supposed to be a sales report. It's a weaponized Excel document.</li> <li data-xf-list-type="ul">NightShades.exe that is supposed to be a Flash update. It's signed with a valid cert by, you guessed it, "Night Shades, Inc" and is PUA.</li> <li data-xf-list-type="ul">92374.js that is supposed to be an .mp4 download. It is a worm.</li> </ul><p></p><p>I mean, come on... this is child's play. It takes the barest minimum of a user paying attention to what they just did, what they got, and a quick look. And all of it is common sense requiring the least bit of effort.</p><p></p><p>And the vast majority of the malc0ders are not even going to spend the $1500 to get a certificate and sign their malware properly. Some argue that they don't have the funds to pay the fees, but the real reason is to not leave any trails or links that can lead back to them. The signed PUA\PUP pushers, however, do pay for certs because it nets them mad revenue for their measly effort - and the certificate authorities won't revoke their certs except in obvious cases.</p><p></p><p>I don't care what anyone says. You don't have to be a malware analyst or a Win Internals expert to figure any of this stuff out. I know 70+ year-old grandmas doing this basic level stuff. If they can figure it out, then so can everyone else.</p><p></p><p>And that this very low-level stuff isn't being actively taught is just plain pathetic and shameful. 
It's society's responsibility to teach it - and most definitely should not be made the exclusive responsibility of all the security soft vendors nor the industry itself.</p></blockquote><p></p>
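The file-name and Properties checks described in the quoted post, written out as an added example that is not part of the original post or thread. The `triage` function, its parameters and the extension sets are illustrative assumptions, and the signer is passed in as the name shown in the file's Properties dialog rather than read from the file.

```python
import os

# Illustrative, non-exhaustive sets (assumptions for this example).
RUNNABLE = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".msi",
            ".js", ".jse", ".vbs", ".wsf", ".hta", ".ps1", ".lnk"}
DECOY = {".xls", ".xlsx", ".doc", ".docx", ".pdf", ".txt",
         ".jpg", ".png", ".mp3", ".mp4", ".avi"}


def triage(filename, expected_ext=None, expected_publisher=None, signer=None):
    """Return the reasons a downloaded file deserves a closer look.

    filename           -- name of the file as it arrived
    expected_ext       -- what the user believed they were getting, e.g. ".mp4"
    expected_publisher -- vendor the user believed the file came from
    signer             -- signer name read from the file's Properties, if any
    """
    findings = []
    stem, ext = os.path.splitext(filename.strip().lower())
    inner_ext = os.path.splitext(stem)[1]

    # 8.xls.exe: a document-looking extension in front of a runnable one.
    if ext in RUNNABLE and inner_ext in DECOY:
        findings.append(f"double extension: reads as {inner_ext}, runs as {ext}")

    # 92374.js offered as a video: expected data, received something runnable.
    if expected_ext and ext != expected_ext.lower() and ext in RUNNABLE:
        findings.append(f"expected {expected_ext.lower()}, received runnable {ext}")

    # NightShades.exe: validly signed, but not by the vendor it claims to be.
    if expected_publisher and signer:
        if expected_publisher.lower() not in signer.lower():
            findings.append(f"signed by '{signer}', not by {expected_publisher}")

    return findings


if __name__ == "__main__":
    # Constructed inputs modelled on the three files named in the post.
    samples = [
        ("8.xls.exe", ".xls", None, None),
        ("NightShades.exe", ".exe", "Adobe", "Night Shades, Inc"),
        ("92374.js", ".mp4", None, None),
        ("report.xls", ".xls", None, None),
    ]
    for sample in samples:
        print(sample[0], "->", triage(*sample) or "nothing flagged")
```

An empty result only means none of these three checks fired; it is not a verdict that the file is clean.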