How big are your chances to be infected?
<blockquote data-quote="ForgottenSeer 89360" data-source="post: 918402"><p>It changes quality and form, this renders increase in number unnecessary. I personally saw many trend changes, as I was a kid when Kaspersky’s VirusList (now securelist) website got my interest towards malware, after I had a Zlob trojan infection. Misleading applications, screen lockers (early ransomware), encryptors, now file-less infostealers and ransomware that also uploads your data.</p><p></p><p>Either way, by running any top-notch AV, chances are not really high, as this will require heavy evasion, which in turn requires heavy research and funding. This might not be worthy for a home environment. GitHub is full of exploits, but finding and applying these is still time-consuming. I sent a file-less Tesla sample to @struppigel and this led to an AMSI bypass, freely available on GitHub and consisting of no more than 10 lines of code. It’s been released 3 months ago and it’s only been partially patched (System.Net.WebClient has been disabled, but executable can still be smuggled). Pentesters are supposed to have a security spirit, yet they publish exploits, instead of working with companies to render them ineffective.</p><p></p><p>Even if they steal your credentials and CC details (identity theft), banks nowadays, as well as many websites, have become far more vigilant with location awareness, 2FA and many other factors. So a successful infection != successful compromise. If your information reaches the black market, it’s not guaranteed that attempts to use it will be made. Transaction disputes cause banks themselves to lose money and this might be dangerous for amateur attackers. For €0.99 banks will involve various security departments and institutions.</p><p></p><p>Other malware, such as bots/botnets, even if undetected initially, might be detected in a few hours or days.
It’s not guaranteed that the attacker will start sending out SPAM or DDoS traffic right after the infection. It’s not guaranteed that once activated, the bot won’t trigger a detection when it starts executing the script.</p><p>It’s worth mentioning that attackers themselves told me cryptojacking, as well as crypto-stealing is very stable in the long run, but this is normally done through RATs/backdoors and affects people who run no AV (again, attacker words). People frequently downloading cheats and cracks with no active AV are most threatened.</p><p></p><p>Ransomware infections are nasty and I see requests in the Malware Help section frequently. If you detect them just a minute later, this is already too late, but how difficult is it to back up or even encrypt all your data? Nowadays, information is moved mostly to the cloud and mobile, so your Windows security, or lack of such has become a less important factor than before. There are many ways to scam a user on any platform into providing information and funds voluntarily and this requires no malware at all.</p><p></p><p>The heavy task of keeping your data secure now falls to third-party companies, where you deposit it. These are very attractive targets and/or might be selling your data for pennies - regardless of the fact that you have installed various programs and tools, to protect your data and privacy.</p></blockquote><p></p>