Your browser is obsolete!

The page may not load correctly.

Anti-virus fallacies

Антивирусная неправда

Other issues in this category (39)
  • add to favourites
    Add to Bookmarks

Is an anti-virus a double-dealer?

Read: 9695 Comments: 2 Rating: 9

Tuesday, September 19, 2017

Often, depending on what a computer is being used for, its owner’s opinion about the benefits of using an anti-virus can vary. For example, gamers are sure that an anti-virus can only do harm—it loads a processor and inhibits game play.

And articles appear describing cases of attackers being able to use an anti-virus to attack protected computers—i.e., use a useful utility program to cause harm.

A team of researchers from two German universities have developed a method for converting an anti-virus scanning engine into a tool for cyberattacks.

The attacks are based on an anti-virus's ability to use signatures to detect malware. If a copy of a malware signature is injected into a legitimate file, an anti-virus will recognise it as malware and remove it (at best, it will move it to the quarantine). Thus, an attacker can undermine the work of an entire enterprise.

The experts used signatures to carry out three types of attacks: providing cover for password guessing by removing application logs, deleting user emails, and simplifying attacks by removing browser cookies.

http://www.securitylab.ru/news/486076.php

That would seem scary enough! But there is a tiny nuance. If attackers can replace a system file, it means:

  1. They have permissions similar to those administrators have.
  2. They can upload a file so that the anti-virus won't detect anything (recall that an attack routine assumes that an anti-virus detects a file as being malicious).
  3. They can do things the anti-virus won’t see (copy, rename, and unzip files).
#Dr.Web_settings #myth #gamer

The Anti-virus Times recommends

  1. The mass media likes horror stories. It's easier to scare the pants off people than to explain complicated things. And along with relevant news that really requires a response from system administrators and users, the information space is full of news aimed at stirring emotions.
  2. Almost everything that exists in nature or is human-created can be used for both benefit and harm. An anti-virus really can be used for such an attack. But for that to happen, an attacker must have the ability to disable it at any time.

To avoid this, protect your anti-virus with a reliable password.

Setting a password ensures that your Dr.Web protection won't be disabled—even if your PC gets hacked.

To set a password for accessing Dr.Web

Click on the Padlock #drweb icon (the icon will change to Open padlock #drweb) and then on the newly appeared Settings #drweb icon; select Main in the Settings menu. Toggle on the corresponding option, and click on Change password.

#drweb

Important! You should not protect your anti-virus with a password similar to the one used to protect system access, much less store the password on the same computer.

[Twitter]

Tell us what you think

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.

Comments