Advice Request What would happen if a legimate program, OS, or game somehow had a virus or malware installed on it from the official source?

Please provide comments and solutions that are helpful to the author of this topic.

struppigel

struppigel

Moderator
Verified
Staff Member
Well-known
Apr 9, 2020
656
ng4ever said:
How would you know or prevent it before you use it ?
Click to expand...

Hello. There is no way to 100% prevent this from happening. There were several instances like that in the past. E.g., a trusted open-source developer got a virus infection on their system (an actual virus that infects other executables). That virus infected the developer's release file which was then deployed for everyone as a new version of their program.

Other variants of include deliberate but hidden modifications of source code after the attackers gained access to the developer's systems. These are especially difficult to prevent for the user downloading their software since this is not a known malware and rather hard to detect it as such.

However, these cases are relatively rare. The reason they make the news is that they are not a common thing to happen. You cannot prevent it very well, but you actually also don't need to do something else than your general security measures to prevent infections.
 
  • Like
  • +Reputation
Reactions: Stopspying, Venustus, show-Zi and 7 others
Moonhorse

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,605
  • Like
  • Wow
  • +Reputation
Reactions: Stopspying, Venustus, ZeePriest and 4 others
cruelsister

cruelsister

Level 42
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,142
The mechanism is in a way sort of cool as the ransomware is digitally signed (by PB03 TRANSPORT, now revoked), runs a script (certutil pops up again within it, of course) that kinda-sorta disables Defender while at the same time dropping a legitimate Defender Antimalware Application (msmpeng.exe) as well as the malicious mpsvc.dll (knowing that Defender isn't all that swift with regard to side loading attacks).

Although the blame for Kaseya will be placed on the hackers, the real blame lies with those that utilize sub-optimal malware defenses.And not that anyone asked, but CF laughs at this one prior to malware eradication.
 
  • Like
Reactions: Moonhorse, roger_m, Venustus and 3 others

Similar threads

Gandalf_The_Grey
    • Like
    • Wow
    • +Reputation
Malware News Hackers uploaded malware through a popular game mod on Steam
Replies
0
Views
1,887
Security News
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Applause
    • Like
Technology A quick look back at the official announcement of Windows XP 23 years ago today
Replies
0
Views
227
Technology News
Gandalf_The_Grey
Gandalf_The_Grey
H
    • Like
Serious Discussion In the name of stronger security feature, the bank implements this
Replies
2
Views
547
General Security Discussions
JustInTime
JustInTime

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top