Which Anti-Virus do you use?
Chances are, you’re running one of the below… It’s widely accepted that Anti-Virus is a sensible thing to have. It protects your computer by comparing your documents to a database of problem documents. If there is a match, it’s likely you’ve got a virus.

This process of detecting viruses worked well a few years ago: fewer documents, less data and fewer viruses. But now data has ballooned, as has the database of possible viruses! Matching documents to a database is not only slow and resource hungry, it’s also ineffective at flagging viruses which are not yet known, and especially useless if the database it’s comparing against has not been updated.

The below shows the effectiveness of the most common ‘Signature based’ Anti-Virus applications over time… Which are you using?

4 Ways Hackers are Winning
- DIY malware cryptors – are designed to mask malware from being discovered by computer security programs. The idea is: once malware authors release their cryptors into the wild, they have the ability to keep changing them until their malware becomes unrecognizable to antivirus scans. That’s a big “one up” over traditional security.
- Managed malware crypting services – Think of malware as a key that is trying to find a door (someone’s device) to unlock. Instead of trying to make your own custom key, you could go to someone who already knows a specific key is going to work. That’s the idea behind malware crypting as a managed service. This process allows cybercriminals to obtain only the malicious executables (the things that make your computer go “boom”) that have the best chance of being effective—without having to build anything on their own.
- Server-side polymorphism (SSP) – is malware that is difficult to identify by a computer scan, no matter how many times you clean your system. It renders traditional antivirus software totally useless.
- Quality assurance processes within the cybercrime ecosystem – Cybercriminals aren’t sloppy about their work. Before a malware campaign is launched, cybercriminals will usually pre-scan their malicious executable against all popular antivirus engines to ensure that it will bypass their signature-based malware scanning. The process is highly automated and is often offered as a service in selected cybercrime-friendly online communities.
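The database matching described at the top of this page can be sketched in a few lines, which makes its two blind spots visible: a file that differs by one byte from a known sample, and a database that has not been updated. This is an added example, not code from any Anti-Virus product; `SignatureDB`, `MAX_DB_AGE_DAYS`, the byte strings and the dates are all constructed for illustration.

```python
import hashlib
from datetime import date

# Constructed, harmless byte strings standing in for files (not real malware).
KNOWN_BAD = b"constructed-sample-A: placeholder payload"
VARIANT = KNOWN_BAD + b"\x00"            # same content with one byte appended
CLEAN_DOC = b"quarterly report (constructed)"

MAX_DB_AGE_DAYS = 7  # assumed freshness policy, not a value from the page


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


class SignatureDB:
    """Hypothetical hash-signature database with a last-updated date."""

    def __init__(self, hashes, updated: date):
        self.hashes = set(hashes)
        self.updated = updated

    def is_stale(self, today: date) -> bool:
        return (today - self.updated).days > MAX_DB_AGE_DAYS

    def scan(self, data: bytes, today: date) -> str:
        """Return 'match', 'no-match', or 'no-match (stale db)'."""
        if sha256(data) in self.hashes:
            return "match"
        # A miss only means "not in the database"; it never means "clean".
        return "no-match (stale db)" if self.is_stale(today) else "no-match"


def demo() -> dict:
    today = date(2024, 1, 31)  # constructed dates
    fresh = SignatureDB({sha256(KNOWN_BAD)}, updated=date(2024, 1, 30))
    stale = SignatureDB(set(), updated=date(2023, 6, 1))  # predates the sample
    return {
        "known_fresh": fresh.scan(KNOWN_BAD, today),
        "variant_fresh": fresh.scan(VARIANT, today),
        "clean_fresh": fresh.scan(CLEAN_DOC, today),
        "known_stale": stale.scan(KNOWN_BAD, today),
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:14} {verdict}")
```

The changed file and the clean document get the same verdict from the up-to-date database, so a miss should be reported as "unknown" and backed by other controls rather than treated as a clean result.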