App Review Cylance Smart Antivirus 2018 Bypassed

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.

Thirio

Level 3
Verified
Well-known
Mar 3, 2017
126
Speaking of Cylance A.I.. I noticed the author of this video is the developer of XyWall AntiMalware which claims to have A.I heuristics and uses VirusTotal. Anyone ever use this program before? I tried it out in a VM for only a couple minutes, it has a high detection (and false positive rate). WD detected it as a trojan right away so I ditched it shortly after.

Back to the topic, it seems only CIS was able to prevent this ransomware in the author's test series. The title of the video says bypass but the file was run outside containment on the second try. The takeaway from this video is that some malware won't reveal their true intentions in a sandbox and can surprise the user if they run the file with unlimited access.

 

Nestor

Level 9
Verified
Well-known
Apr 21, 2018
397
Speaking of Cylance A.I.. I noticed the author of this video is the developer of XyWall AntiMalware which claims to have A.I heuristics and uses VirusTotal. Anyone ever use this program before? I tried it out in a VM for only a couple minutes, it has a high detection (and false positive rate). WD detected it as a trojan right away so I ditched it shortly after.

Back to the topic, it seems only CIS was able to prevent this ransomware in the author's test series. The title of the video says bypass but the file was run outside containment on the second try. The takeaway from this video is that some malware won't reveal their true intentions in a sandbox and can surprise the user if they run the file with unlimited access.


CIS and probably Spyshelter will be able to prevent it.
 

SHvFl

Level 35
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Nov 19, 2014
2,342
Speaking of Cylance A.I.. I noticed the author of this video is the developer of XyWall AntiMalware which claims to have A.I heuristics and uses VirusTotal. Anyone ever use this program before? I tried it out in a VM for only a couple minutes, it has a high detection (and false positive rate). WD detected it as a trojan right away so I ditched it shortly after.

Back to the topic, it seems only CIS was able to prevent this ransomware in the author's test series. The title of the video says bypass but the file was run outside containment on the second try. The takeaway from this video is that some malware won't reveal their true intentions in a sandbox and can surprise the user if they run the file with unlimited access.


Or he fakes results if he is calling pressing run unlimited as bypass. lol
 
5

509322

It probably won't be safe once that system clock disappears and the tester disables key protection fetures.

If the KyRox sample can run on the real system, then of course it isn't safe.

Properly configured and used SRP will just block the execution of KyRox unless the tester overtly allows it to run.
 

DeepWeb

Level 25
Verified
Top Poster
Well-known
Jul 1, 2017
1,396
I think Cylance with AppCheck and a strong Group Policy config would be a great signature free combination that can do most of the job. If I ever get tired of Kaspersky, I might switch to that or maybe set up someone else's computer with that combo.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top