Serious Discussion Kaspersky misses a fake crack tool

Xciting

Xciting

Level 2
Thread author
Jun 14, 2023
77
So a launched a fake crack and voodoosheild blocked it and gave 100% AI while... kaspersky uhhhh.. doesnt even react to it like at all even on VT theres no detection .... the guy even has a yt.... VT: VirusTotal

Screenshot 2023-07-23 122728.png


Screenshot 2023-07-23 123441.png
 
Last edited by a moderator:
  • Like
  • HaHa
  • Wow
Reactions: comolokko, piquiteco, codswollip and 6 others
Xciting

Xciting

Level 2
Thread author
Jun 14, 2023
77
Blocked by elastic:
Screenshot 2023-07-23 125636.png
The reason i use elastic is if kaspersky misses something elastic will most of the time block the missed malware :>

And yes my kaspserky is enabled and at optimal settings.
 
  • Like
  • Sad
Reactions: comolokko and Dave Russo
Shadowra

Shadowra

Level 34
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,312
I think that if the crack/keygen doesn't perform malicious actions, Kaspersky won't detect it.

Neutrophil said:
this is why kaspersky is popular among the pirates too. you get good security without having to worry about the crack getting quarantined or deleted.
Click to expand...

Kaspersky is very responsive if a hacker tries to crack the product :)
Many hacked keys are quickly blacklisted, and tools for forcing Trial Resets or injecting force licenses are blocked by Kaspersky :)
 
  • Like
  • +Reputation
  • Hundred Points
Reactions: Neutrophil, rooney49, piquiteco and 13 others
Nightwalker

Nightwalker

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
May 26, 2014
1,339
Did the file actually executed (doesnt seem to be the case)? Hard to say that Kaspersky failed without knowing if the System Watcher module (behavior blocker) could have blocked it if the crack tried to do something malicious.

Anyway, I dont see the point of this thread at all ...
 
  • +Reputation
  • Like
  • Hundred Points
Reactions: Jonny Quest, piquiteco, plat and 10 others
KevinYu0504

KevinYu0504

Level 5
Verified
Well-known
Mar 10, 2017
227
This file, which Kaspersky seems to have analyzed,
And judged safe, which is why the VT scan results show safe.

Screenshot 2023-07-25 at 01-48-12 Kaspersky Threat Intelligence Portal.png


Kaspersky Threat Intelligence Portal :

Kaspersky Threat Intelligence Portal

Kaspersky Threat Intelligence Portal allows you to scan files, domains, IP addresses, and URLs for threats, malware, viruses
opentip.kaspersky.com opentip.kaspersky.com

If you think a file may be harmful and Kaspersky is wrong,
You can contact their customer service for confirmation.
 
  • Like
Reactions: vtqhtr413, roger_m, Nevi and 4 others
Neutrophil

Neutrophil

New Member
Feb 26, 2023
8
codswollip said:
It's fake. Kaspersky did its job. No FP. #win

The better question is why VS alerted. Probably cuz it was new (check the FP box, and continue).


You have data for that - or is that a personal confession ? 🤣
Click to expand...

popular among people i know who pirate.. being a broke college student back in the day it aint hard to become a pirate :ROFLMAO:. but i don't do it anymore. it just defeats the whole point of security.
 
  • Like
  • HaHa
Reactions: roger_m, piquiteco, vtqhtr413 and 1 other person
Ink

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Does CyberLock’s VAi pop-up provide any additional information as to why it is deemed unsafe?

From the screenshot provided, all I see is the file is not digitally signed. What other parameters does the AI use to determine a files risk status?

If there is no malicious behaviour, then some AV companies consider Warez (Cracks, Keygens) as PUA.
 
  • Like
Reactions: Nevi, roger_m, piquiteco and 2 others
danb

danb

From VoodooShield
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,662
Ink said:
Does CyberLock’s VAi pop-up provide any additional information as to why it is deemed unsafe?

From the screenshot provided, all I see is the file is not digitally signed. What other parameters does the AI use to determine a files risk status?

If there is no malicious behaviour, then some AV companies consider Warez (Cracks, Keygens) as PUA.
Click to expand...
No, ML/Ai engines are signatureless and perform binary classification, so only a Safe or Unsafe verdict is rendered. Sure, you could try to analyze all 400+ features and try to figure out why the Ai engine determined a certain file to be Safe or Unsafe, but that would be a fool’s errand.

The entire point of CyberLock is to find and allow only Safe files, and block everything else, and I can assure you this file should never be considered Safe.

Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for '(x64bit.)_4.2.x.x_patch.exe'

Submit malware for free analysis with Falcon Sandbox and Hybrid Analysis technology. Hybrid Analysis develops and licenses analysis tools to fight malware.
www.hybrid-analysis.com www.hybrid-analysis.com


Is it malicious? Maybe, maybe not. But it certainly is not Safe.
 
  • Like
  • Thanks
  • +Reputation
Reactions: gonza, Nevi, piquiteco and 4 others
danb

danb

From VoodooShield
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,662
This file is not Safe / Clean, all you need to do is look at the sandbox reports.

Or you can look it up on Kaspersky's Threat Intelligence Portal.

Even Kaspersky does not classify the file as Clean...

Not categorized.PNG


This is how it looks when Kaspersky classifies a file as Clean / Safe (Supremo.exe)...

Clean.PNG
 
  • Like
Reactions: piquiteco, Trident, harlan4096 and 1 other person
danb

danb

From VoodooShield
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,662
harlan4096 said:
Not Categorized in KOTIP may mean: file is still not known by KSN, K. whitelisting, etc. and/or They just did not add that file as Clean, but that does not man it is malicious, in my humble opinion :)
Click to expand...
I am certainly not dissing Kaspersky, but keep in mind, 6 days ago the file was detected as Clean, and now it is detected as "Not categorized". In my opinion, "Not categorized" is a much better determination than "Clean" for this file. It will be interesting if the verdict changes in the future.

malwaretips.com

Discussion Thread - Kaspersky misses a fake crack tool

So a launched a fake crack and voodoosheild blocked it and gave 100% AI while... kaspersky uhhhh.. doesnt even react to it like at all even on VT theres no detection .... the guy even has a yt.... VT: VirusTotal
malwaretips.com malwaretips.com
 
  • Like
Reactions: simmerskool, harlan4096, roger_m and 1 other person

Similar threads

Shadowra
    • Like
    • +Reputation
    • Thanks
App Review Avira Free Security 2024
Replies
12
Views
1,731
Video Reviews - Security and Privacy
lvseqiji
L
Shadowra
    • Like
    • +Reputation
    • Applause
App Review Bkav Pro Internet Security
Replies
14
Views
1,463
Video Reviews - Security and Privacy
ForgottenSeer 103564
F
Shadowra
    • Like
    • +Reputation
    • Thanks
App Review Bitdefender Internet Security 2024
Replies
6
Views
1,135
Video Reviews - Security and Privacy
harlan4096
harlan4096

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top