chevron_left chevron_right
Login Register invert_colors photo_library
Stay updated and chat with others! - Join the Discord!
Thread Rating:
  • 1 Vote(s) - 5 Average


Virus Removal Tools filter_list
Author
Message
RE: Virus Removal Tools #11
(05-29-2015, 02:28 PM)mothered Wrote: You're missing the point, It's not about coding a piece of malware "dedicated" to VMs and VMs alone.

Any smart malware coder, will cater for numerous exploitation vectors. The more a system Is susceptible to attack, the better, thus a given malware will be open to all avenues of attack. It's like when a keylogger Is coded with all "Antis"- Anti-VM, Anti-Sandboxie, Anti-AV and so forth.
As for compromising a VM, It's not that difficult as many users many think.

And you're missing my point. What I'm trying to say is that incorporating an "Anti-VM" into a piece of malware would be very difficult and increase the file size drastically, which for high spread infection, is normally detrimental to infection rates (which is what they're looking for). Normally, dropping between VM to host is done through the network, such as bridged, but these things can be avoided.

Being able to secede from a VM and then execute the file, from the internals of the VM, to the outside host isn't something you'll see everyday, and even more difficult than spreading via a vulnerable network.

Reply

RE: Virus Removal Tools #12
(05-30-2015, 08:22 AM)Ultimatum Wrote: And you're missing my point. What I'm trying to say is that incorporating an "Anti-VM" into a piece of malware would be very difficult and increase the file size drastically, which for high spread infection, is normally detrimental to infection rates (which is what they're looking for). Normally, dropping between VM to host is done through the network, such as bridged, but these things can be avoided.

Being able to secede from a VM and then execute the file, from the internals of the VM, to the outside host isn't something you'll see everyday, and even more difficult than spreading via a vulnerable network.

My "Antis" was just an analogy, and not specific to a given malware coding methodology.

You need to realize that wherever there Is a connection (bridged or otherwise), there's EVERY chance of Infection. Respectfully speaking, If I took your attitude on board of "very difficult", I'd get nowhere with my computational tasks, security and goals. Yes, Infecting the Host OS from the Guest OS via bridged virtual switch may be a somewhat arduous task, but that's what makes a malware coder an elite one- no boundaries In achieving the objective.

You have your opinion and I respect that. The term "difficult" doesn't exist In my vocabulary. If It did, I'd fail before I even started.
[Image: AD83g1A.png]

Reply

RE: Virus Removal Tools #13
Yes, I understand what you're saying, and I don't deny that.

I'm just referring to the daily user who cannot afford to be paranoid at every corner. Taking appropriate settings and precautions with VMs should be enough. Awareness and doing something about it is a good start, which most people don't have.

Reply

RE: Virus Removal Tools #14
(05-07-2015, 06:56 AM)mothered Wrote: They're from reputable websites, hence no need for online virus scan reports and are available as a freeware download.

This is the type of mentality that will get you infected.
XMPP - wrath@xmpp.jp

Reply

RE: Virus Removal Tools #15
(05-30-2015, 04:14 PM)nothing.nobody Wrote: This is the type of mentality that will get you infected.

I can certainly vouch for that to a degree. At minimum stuff you download from reputable sites could still install a bunch of adware plugin bullshit you don't want or need. Hell, look at Adobe, they install fuckin' MCAFEE when you download flash! The "average user" that we're all talking about doesn't think twice to uncheck the box, they just click click click until there isn't an option to click anymore, then get confused when their system is loaded down with garbage.
---
Click here to get started with Linux!

If I helped you, please +rep me, apparently we've started over on Rep and I'd like to break 100 again...

Inori Wrote: got clickbaited by roger

Reply

RE: Virus Removal Tools #16
(05-30-2015, 04:14 PM)nothing.nobody Wrote: This is the type of mentality that will get you infected.

So you're saying "Kaspersky.com", who's objective Is to protect against threats will actually contain Infected links? Counter-productive Isn't It?


(05-30-2015, 04:29 PM)roger_smith Wrote: I can certainly vouch for that to a degree. At minimum stuff you download from reputable sites could still install a bunch of adware plugin bullshit you don't want or need. Hell, look at Adobe, they install fuckin' MCAFEE when you download flash! The "average user" that we're all talking about doesn't think twice to uncheck the box, they just click click click until there isn't an option to click anymore, then get confused when their system is loaded down with garbage.

There's a big difference between an "Infection" and "Ad-Supported" software, with the latter as per your documentation here, being a "legitimate" Installation of the McAfee product.
[Image: AD83g1A.png]

Reply

RE: Virus Removal Tools #17
(05-31-2015, 03:20 AM)mothered Wrote: So you're saying "Kaspersky.com", who's objective Is to protect against threats will actually contain Infected links? Counter-productive Isn't It?

The word "infected" doesn't limit itself at malware, infected can mean many things. Also, I wasn't implying that those websites will infect you. I'm saying that the logic "this website is popular, so it must be safe" is flawed on many different levels. Someone could've rooted those sites and injected malicious code into those programs, anything's possible and you would have never known. Virus scans are always necessary, no matter the vendor of the product. To say that a virus scan on a program from a trusted website isn't important is just ignorant.
XMPP - wrath@xmpp.jp

[+] 1 user Likes Crypt's post
Reply

RE: Virus Removal Tools #18
(05-31-2015, 03:20 AM)mothered Wrote: So you're saying "Kaspersky.com", who's objective Is to protect against threats will actually contain Infected links? Counter-productive Isn't It?



There's a big difference between an "Infection" and "Ad-Supported" software, with the latter as per your documentation here, being a "legitimate" Installation of the McAfee product.

You just fell into the trap which you accused me of. You're making a huge assumption, hoping that Kaspersky is safe (because of their intentions). Yet, when I talk about the unlikely hood of a VM-host malware, you make it sound like all pieces of malware are capable and targeted in this area.

There is a reasonable assumption that has to be made with daily use of computers. Paranoia is counter-productive, but recklessness will also surely be worse.

Though, overall, I understand what you're saying.

Reply

RE: Virus Removal Tools #19
(05-31-2015, 03:20 AM)mothered Wrote: So you're saying "Kaspersky.com", who's objective Is to protect against threats will actually contain Infected links? Counter-productive Isn't It?



There's a big difference between an "Infection" and "Ad-Supported" software, with the latter as per your documentation here, being a "legitimate" Installation of the McAfee product.

if you re-read my response, you'll see that I qualified my statement with phrasing like "at minimum" and the shocking-to-me concept that even Adobe is following that scheme. There are for more unscrupulous people with "ad supported software" on "reputable" sites. I consider cnet to be fairly reputable (at least they used to be) and I've also found my fair share of shady software from their site.

Lest we forget all the junk and malware that can be found on the Google Play Store...
---
Click here to get started with Linux!

If I helped you, please +rep me, apparently we've started over on Rep and I'd like to break 100 again...

Inori Wrote: got clickbaited by roger

Reply

RE: Virus Removal Tools #20
(05-31-2015, 03:27 AM)nothing.nobody Wrote: I wasn't implying that those websites will infect you.


You most certainly were. Your below statement Is In reference to my contribution, with your exact wording being "that will get you Infected". It's there In black and white.

(05-30-2015, 04:14 PM)nothing.nobody Wrote: This is the type of mentality that will get you infected.


(05-31-2015, 03:27 AM)nothing.nobody Wrote: I'm saying that the logic "this website is popular, so it must be safe" is flawed on many different levels. Someone could've rooted those sites and injected malicious code into those programs, anything's possible and you would have never known.

Show me where In this Instance ("kaspersky.com" hosting their own files) has been maliciously compromised. In fact, show me where ANY of the links that I've contributed have been maliciously attacked and are Infected. Unless you have solid evidence to backup
your statement here, you have no grounds to warrant what you've posted.


(05-31-2015, 03:27 AM)nothing.nobody Wrote: Virus scans are always necessary, no matter the vendor of the product. To say that a virus scan on a program from a trusted website isn't important is just ignorant.

Well, I suppose I'd better get In contact with Microsoft and ask them to provide virus scan reports on each and file they have available for download on their site. Goodness me, this Is simply hilarious.



(05-31-2015, 03:31 AM)Ultimatum Wrote: You just fell into the trap which you accused me of. You're making a huge assumption, hoping that Kaspersky is safe (because of their intentions). Yet, when I talk about the unlikely hood of a VM-host malware, you make it sound like all pieces of malware are capable and targeted in this area.

Well, please prove me wrong with Kaspersky and show me a single piece of evidence point to Kaspersky alone, being malicious In nature. And where did I mention, directly or Indirectly In any way shape or form that "all pieces of malware" are capable?



(05-31-2015, 03:40 AM)roger_smith Wrote: if you re-read my response, you'll see that I qualified my statement with phrasing like "at minimum" and the shocking-to-me concept that even Adobe is following that scheme. There are for more unscrupulous people with "ad supported software" on "reputable" sites. I consider cnet to be fairly reputable (at least they used to be) and I've also found my fair share of shady software from their site.

You're missing the point.

Your response (In your previous post) was pertaining to "Infection", yet you've posted: "Hell, look at Adobe, they install fuckin' MCAFEE when you download flash". My point Is (In reply to your statement), that the Installation of McAfee Is a legitimate "Ad-Supported" Installation of the product and not an Infection (malicious).

We're on the topic of malicious content, however for some reason, you fail to differentiate between what's considered malicious and what's an actual legit product.

In conclusion, show me where any of my contributed links contain "malicious" content and I will gladly stand corrected.
[Image: AD83g1A.png]

Reply






Users browsing this thread: 1 Guest(s)