Anti-virus software significantly shortens life of banking trojans

Posted by   Virus Bulletin on   Oct 24, 2012

Security software causes malware to run for less than a third as long.

'Does anti-virus software actually help?' is a question often asked, even by security experts - who point to the fact that malware authors test their creations to make sure they aren't detected by anti-virus products before releasing them, and to the fact that good practice among users prevents a lot of attacks from happening in the first place.

Recent research carried out by Dutch security firm SurfRight, however, shows that running anti-virus software really does help. On machines on which the company's HitManPro product detected a banking trojan, the average lifetime of said trojan was 81 days when no anti-virus product was running. However, on machines that were running anti-virus software, the average lifetime was a mere 25 days.

SurfRight admits that these numbers should not be taken as exact science - after all, the research only included machines whose owners were suspicious that something was amiss in the first place. But we should note that the company offers a 'second opinion' security solution, and thus it would actually be in its interest to emphasise the failures of anti-virus software rather than its triumphs.

More at the HitManPro blog here.

Posted on 24 October 2012 by Martijn Grooten

twitter.png
fb.png
linkedin.png
googleplus.png
reddit.png

 

Latest posts:

Throwback Thursday: Giving the EICAR test file some teeth

The 68-byte EICAR test file plays as important a role today as it did 19 years ago. In this week's Throwback Thursday we look back at a VB99 conference paper in which Randy Abrams described how this 'miracle tool' worked and how it could be used.

XMRig used in new macOS cryptominer

A new piece of cryptocurrency-mining malware on macOS has been found to use the popular XMRig miner.

Tendency for DDoS attacks to become less volumetric fits in a wider trend

CDN provider Cloudflare reports an increase in DDoS attacks targeting layer 7 and focusing on exhausting server resources rather than sending large volumes of data. This fits in a wider trend.

Turkish Twitter users targeted with mobile FinFisher spyware

Through fake social media accounts, users were tricked into installing an Android application that was actually a mobile version of the FinFisher spyware.

Hide'n'Seek IoT botnet adds persistence

The Hide'n'Seek IoT botnet has received an update to make its infection persist on infected devices beyond a restart.