Is testing malware inside sandbox or vm safe?

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Well, your knowledge will be the AV, because you can easily identify which are malicious and which are not. :) Unlike an AV, which needs to be updated for the new definitions.
 

MrXidus

Super Moderator (Leave of absence)
Apr 17, 2011
2,503
Yes james, you could say I needed to be updated and checked for new definitions as well, which in all these years of learning about security, computer viruses, malware and testing etc. has updated my mind to help protect me against the threats that lurk out there on the web. Easier said than done, as the average users have the letdown of not having the knowledge for all this. Solution? Antivirus software.
 

bogdan

Level 1
Jan 7, 2011
1,362
What differentiates a person that uses an antivirus and never got infected from a person that doesn't use an antivirus and kept his PC clean?
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
A person with an AV will not be infected as long as it's updated and the real-time protection is running in the background to check every file.

While a person who doesn't have an AV uses his knowledge to make sure that the files he downloaded are safe, and then, when necessary, he has an on-demand scanner just to make sure he is not infected.
 

bogdan

Level 1
Jan 7, 2011
1,362
But they both manage to keep their PC clean. I can't remember the last time when I had an infection and I probably only had a couple over the years. I've always had an AV installed. It is there "just in case" and as far as resource usage is minimal I feel no need to remove it. In some cases there is the risk of false sense of protection - you feel invincible behind your av and allow yourself to make mistakes, this will most likely get you infected. As long as you don't fall into this trap, I see nothing wrong in using an av.

The fact that MrXidus manages to stay safe while not using an av proves that it is possible, but I don't want the average user to read this thread and somehow get the idea that an av is useless, or even worse, if you are using an av you're probably not as smart as someone who doesn't use one. This would be bad advice.
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Well yes, an AV is still a must, just to make sure the system is secure.
 

HeffeD

Level 1
Feb 28, 2011
1,690
bogdan said:
The fact that MrXidus manages to stay safe while not using an av proves that it is possible, but I don't want the average user to read this thread and somehow get the idea that an av is useless, or even worse, if you are using an av you're probably not as smart as someone who doesn't use one. This would be bad advice.

Agreed.

It's sound advice even for the above average user.

Probably a large percentage of us around here know what we're doing, yet we still run real-time AV protection.

I personally feel it's a bit silly to run without a real-time AV, even if you know what you're doing. It's just adding a layer of protection just in case...

I've never had a car accident in the almost 30 years that I've been driving, but I wear my seatbelt anytime I get in the car, just in case. I've also never wrecked/fallen off of a motorcycle, but I wear a helmet, just in case. ;)
 

MrXidus

Super Moderator (Leave of absence)
Apr 17, 2011
2,503
@ HeffeD

Oh, I got the layer of protection. Read my config. You'll see my seatbelt :p
 

MrXidus

Super Moderator (Leave of absence)
Apr 17, 2011
2,503
lol... Touché. I am the emergency crew that arrives at the scene of the accident; does that sound better?

By that I mean no problem at all; I have the medical training needed to quickly heal the accident.
 

Dejan

New Member
Mar 3, 2011
559
Testing malware should never be taken lightly, even when it's done inside a VM. It's not a toy and it will never be 100% safe to test, especially if you have shared folders on, something you shouldn't do unless you really need to, plus sharing the directories you need is a big mistake. A friend of mine had gone through this: he was testing a variant of GPCode and while doing that, his shared folder was being attacked. Some files were caught, but they weren't needed, luckily. Most of all, don't test malware if you don't know what you're doing!
 

Gnosis

Level 5
Apr 26, 2011
2,779
I have not intentionally set out to test malware, but I have encountered some very nasty potential infections while sandboxed, yet I have never had anything malicious breach the sandbox.

That is not to say that it cannot happen.
 
