Anti-virus software significantly shortens life of banking trojans

Posted by Virus Bulletin on Oct 24, 2012

Security software causes malware to run for less than a third as long.

'Does anti-virus software actually help?' is a question often asked, even by security experts - who point to the fact that malware authors test their creations to make sure they aren't detected by anti-virus products before releasing them, and to the fact that good practice among users prevents a lot of attacks from happening in the first place.

Recent research carried out by Dutch security firm SurfRight, however, shows that running anti-virus software really does help. On machines on which the company's HitManPro product detected a banking trojan, the average lifetime of said trojan was 81 days when no anti-virus product was running. However, on machines that were running anti-virus software, the average lifetime was a mere 25 days.

SurfRight admits that these numbers should not be taken as exact science - after all, the research only included machines whose owners were suspicious that something was amiss in the first place. But we should note that the company offers a 'second opinion' security solution, and thus it would actually be in its interest to emphasise the failures of anti-virus software rather than its triumphs.

More at the HitManPro blog here.

Posted on 24 October 2012 by Martijn Grooten
