PC Magazine - Security Watch: Malware Loves Company: How Malware Evolution Triggered a Change in Our Testing

/Home/Internet Security: Blogs/Internet Security: PCMag blog/PCMag: Security Watch 2013

Nov 13, 2013
By Neil J. Rubenking

For the malware-infested virtual machines that I use in testing antivirus products, it's deja vu every time I start a new test. I roll back the virtual machine to the exact same starting point for every test, then install (or try to install) the antivirus and challenge it to clean up. But sometimes something more happens; sometimes the malware invites friends over to play.

The days of the lone hacker writing viruses just for the heck of it are long gone. Today there's a whole malware ecosystem, and one thriving component of that ecosystem involves ride-alongs, situations where one cyber-crook pays another to piggyback a new threat on existing malware. The ones we call "droppers" don't even have a malicious payload; they just serve as a foot in the door for other malware.

What does that mean for my testing? The longer an infested system gets to operate before a new antivirus can get fully installed and run a scan, the more chances there are for the existing infestation to invite friends in for a party. Getting protection installed on those systems sometimes takes days of work by tech support. While they're staying busy, so is the malware; scary!

Click the URL above to read the full article