Real World, Evasive Malware and Performance Test by Trident
[QUOTE="Trident, post: 1033571, member: 99014"]
If for some reason the Java environment must be used (games and Android development are the two reasons I can think of) then hardening is not an option. You might be able to restrict it via Windows Firewall so it can’t connect to the network (with some games it may be a problem) but Windows Firewall rules are easily manipulated by malware usually. The sample that contains “Unilever” in the name destroyed Microsoft Defender. It didn’t deliver Magnum and Dove 🕊️.

You can upload everything on VT to check it beforehand, but this Java RAT had a detection of 5 there so that’s not an option as well.

If you download any Java-based content from trusted sources only, then it should be fine. This specific RAT is from a SPAM campaign but it may as well be presented as a modded/cracked game or something.

The Java malware miss was expected; this vector is usually poorly covered. It may be worth saying goodbye to Java content or running in a VM.

I will tell you how you can manually analyse Java content in a PM.

Btw, thanks for the like.
[/QUOTE]