Malware detection

Companies involved in the malware detection business - do they really want to rid the internet of malware?

Malware detection - big business!
Malware detection is big business. There are thousands, if not millions, of companies and organisations that are concentrating their expertise and efforts in the field of malware detection.
The battle against malware is being fought on a number of fronts and is fast turning into a cat-and-mouse game between the big players and the cybercriminals, as everyone involved pits their wits against one another.
As improvements in malware detection are implemented across the internet, the cybercriminals are equally clever, and quick, at introducing counter-measures to keep themselves in business.
Malware detection - who leads who?
The question that is open to debate is whether or not it is in the best interests of the companies involved in the malware detection business to completely eradicate malware.
Completely ridding the internet of malware removes the need for a solution and kills a whole industry. Is the malware detection industry likely to consider killing the goose that laid the golden egg?
I doubt it, because for every motivated employee in the big corporations, there are at least two or maybe even three equally determined criminals, and anyway, who is leading who?

The most common type of malware attacks are aimed at our internet browsers

27-08-2011
According to a recent Google technical report, Trends in Circumventing Web-Malware Detection, it seems that, despite the combined efforts of everyone involved in the battle against malware and malicious websites in particular, the number of malicious websites capable of compromising our computers in some way is on the increase.
According to Google's report, the people responsible for the ever-increasing number of malicious websites that can be accessed on the internet are just too clever - "they are highly motivated and quickly adapt to technologies that try to protect users from their sites."
Google employs various techniques in trying to identify and close down 'rogue' websites. Within its armoury are virtual machines and browser emulators that visit websites and test their behaviour, but as Google deploys its anti-rogue website measures across the internet, the scam artists modify their websites to avoid detection.
They employ various techniques to avoid detection, one of which is requiring the website visitor to click on the page, something, it seems, that Google hasn't yet worked out how to do, but they say that they are working on it?!?
The con men do various other things, such as banning Google's IP addresses so that Google's virtual machines can't gain access to their malicious websites, and scrambling the code so that Google's browser emulators miss the malicious parts of their web pages.
The most common type of attack is aimed at our internet browsers, but not every visitor is targeted, which is another of Google's problems. The code within the malicious web pages can test their visitors' systems to see which browser and which version they are using, and only target the systems that they know are vulnerable.
After reading the report, I am left with the feeling that the traditional anti-virus programs that we all have installed on our computers are 'little', if any, help in protecting our computers against certain types of attack.
It's common knowledge that our anti-virus programs cannot protect us against Zero Day attacks, but I was surprised to hear how simple it is for the crooks to 'pack' their software into a format that our anti-virus programs cannot understand and therefore cannot check or detect. A rogue program can 'easily' sneak through our computer's defences and execute its code, leaving our systems infected.
Google's report analyses data that they have collected over a four-year period and concludes: "Researchers have proposed numerous approaches for detecting the ever-increasing number of web sites spreading malware via drive-by downloads. Adversaries have responded with a number of techniques to bypass detection. This paper studies whether evasive practices are effective, and whether they are being pursued at a large scale."
In a previous Tic Top Tip article, we recommended that our readers regularly check their internet browser for vulnerabilities that this type of malicious threat can exploit. It's free and quick to do, so there's no excuse: visit Qualys Browser Check and check your browser today.