Jump to content

Recommended Posts

 

 

shouldnt proactive defence stop it?

 

and if not kaspersky should update it fast and if you fill like it get a seprate HIPS.

 

im hopeing for the time being f-secure can protect me against it before i get kav.

Edited by lodore

Share this post


Link to post

IMHO this is just stup**, not because it would be unreal, but because this is nothing new.

 

Code modification to avoid detection is something that was always there. Basic signatures are most vulnerable to this type of attacks since normally it is enough to just do a small hex change... This is one of the reasons why there are generic signatures that try to do a better, more "generic" job. If you are able to emulate the code (remember that this particular case is about javascript) then you can also use heuristic and behavioral detection... However to say the truth, if someone is serious enough and has the time to play the game (against avers) and change the code so it is undetected then he will always be able to do that and in this case where we talk about javascript code this is even more true, since javascript allows for extreme code modification and javascript by itself is also something that is quite simple to learn and this allows even the non advance users to modify the code.

 

So yes, there are ways to try to detect this and try to fight back, but i am afraid that in reality there is nothing you can do to really eliminate this (100% detection). Just learn to live with it :mellow:

Edited by saso

Share this post


Link to post

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.