Author Topic: New attack bypasses virtually all AV protection  (Read 5528 times)

0 Members and 1 Guest are viewing this topic.


Offline Rednose

  • Pirate Party Member
  • Avast Überevangelist
  • Massive Poster
  • *****
  • Posts: 3742
  • Bits of Freedom : https://www.bof.nl
    • Nederlandstalig Avast! forum
Re: New attack bypasses virtually all AV protection
« Reply #1 on: May 09, 2010, 05:15:34 PM »
It's not new, and definitely not found by David Matousec :

http://www.wilderssecurity.com/showpost.php?s=2421b4af54971efadce10823563dece4&p=1673813&postcount=75

Greetz, Red.
OS: Win 10 / iOS 17 / Debian 12 / Tails 6
Real Time: Avast Premium Security
On Demand: Malwarebytes
VPN: NordVPN ( NordLynx ) with Threat Protection ( Lite )

WhiteZero

  • Guest
Re: New attack bypasses virtually all AV protection
« Reply #2 on: May 09, 2010, 11:27:22 PM »
Thats cool, but it is any less of a concern?

Offline Vlk

  • Avast CEO
  • Serious Graphoman
  • *
  • Posts: 11655
  • Please don't send me IM's. Email only. Thx.
    • ALWIL Software
Re: New attack bypasses virtually all AV protection
« Reply #3 on: May 10, 2010, 09:38:52 AM »
Not really. Unless the malware is already loaded, none of this is really an issue...
If at first you don't succeed, then skydiving's not for you.

doktornotor

  • Guest

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: New attack bypasses virtually all AV protection
« Reply #5 on: May 12, 2010, 08:58:23 PM »
Not really. Unless the malware is already loaded, none of this is really an issue...
I would confirm that from my experience - the latest TDSS variant falls under this heading

doktornotor

  • Guest
Re: New attack bypasses virtually all AV protection
« Reply #6 on: May 12, 2010, 10:08:08 PM »
Khobe-Wan: These Aren’t the Droids You’re Looking for - another one (ESET Threat Blog).

Quote
This method has not been seen in the wild until today. As we can see, a similar (or pretty much the same) PoC was published almost over 6 years ago. Over the time, no malware misused this.
As already mentioned, the vulnerability is there, but its magnitude is more of a pin dropping on the floor than an 8.0 earthquake, when it comes to its impact on the overall security of our customers’ PCs. However, we are looking into this to see how we can prevent these attacks in case we start to see them being misused.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76029
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: New attack bypasses virtually all AV protection
« Reply #7 on: May 12, 2010, 11:30:13 PM »
Not really. Unless the malware is already loaded, none of this is really an issue...
I would confirm that from my experience - the latest TDSS variant falls under this heading

Thanks a lot for confirming this, essexboy..!! :)
asyn
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0