- Apr 13, 2013
Scriptors (my term, but it will catch on) are a class of trojans ranging from VBS and Python to Java and AutoIT. Seen way back at the dawn of the PC, this class of script malware was initially used for High and Noble purposes like making your computer curse at you, opening and closing the CD tray, and making desktop icons move when the mouse pointer hovered over them. Sadly, the utility of using such scripts for malevolent purposes like keyloggers, trojan downloaders, and info stealers of diverse kinds has become popular.
The issue with scriptors is that many (especially in the Corporate Environment) use scripts to automate various processes, and many security products will fail to distinguish between legitimate and malicious (no doubt because of a fear of messing with their False Positive rate).
As the opening of a small series of Scriptor videos, I'd like to concentrate on the utility of using either HitManPro and/or Malwarebytes in the detection of this class of malware. Please do not misunderstand me: both MB and HMP are very fine products that even I feel are an essential part of any Geek's security armamentarium.
But they do have a blind spot, and whenever you watch a YouTube review, you should question if a system is really malware-free after either of these products gives a computer a clean bill of health...