- Jan 4, 2016
- 1,022
This morning, a Facebook user alerted me about a possible security problem about VoodooShield free, because parent process is on by default. This was made using WinRAR. Since it's a popular software, I decided to share the results with you. This could be a huge problem, since most of the ransomware is usually delivered by email, using Archives, and a lot of people use WinRAR
Steps done in the test:
1) installed winrar
2)installed VoodooShield on Autopilot
3) tested VoodooShield against CDBurnerXP, using the version bundled with adware
Here are the results:
1) I launched the main EXE to check is VoodooShield was working, and it blocked it successfully
2) I created a WinRAR archive and run the file directly inside the archive, exactly how a beginner would do and... No alerts!
3) I created a zip archive, then removed WinRAR and tried to open it with the default Windows option. Blocked
Let me known your thoughts. Regards,
TheMalwareMaster
Steps done in the test:
1) installed winrar
2)installed VoodooShield on Autopilot
3) tested VoodooShield against CDBurnerXP, using the version bundled with adware
Here are the results:
1) I launched the main EXE to check is VoodooShield was working, and it blocked it successfully
2) I created a WinRAR archive and run the file directly inside the archive, exactly how a beginner would do and... No alerts!
3) I created a zip archive, then removed WinRAR and tried to open it with the default Windows option. Blocked
Let me known your thoughts. Regards,
TheMalwareMaster
Last edited: