Fake Antivirus

Journey from Trojan to Persistent Threat

Fake antivirus (FakeAV) is one of the largest families of malware that we have seen in recent times. FakeAV has grown over the years to be a persistent and prevalent threat. In this paper, we study the evolution of FakeAV over the last three-and-a-half years. We analyze the major FakeAV events, infection vectors and some important anti-emulation/anti-reverse engineering (RE) tricks used by FakeAV packers. We also analyze how exploit kits are used to infect users with FakeAV and study how a polymorphic packer found in underground internet forums is used to encrypt and compress the malware binary.

Scarica Fake Antivirus: Journey from Trojan to a Persistent Threat

In this paper, we study the evolution of FakeAV over the last three-and-a-half years. We analyze the major FakeAV events, infection vectors and some important anti-emulation/anti-reverse engineering (RE) tricks used by FakeAV packers. Scarica subito

By Jagadeesh Chandraiah, Researcher, SophosLabs UK

scarica Prova gratuita dei prodotti Sophos
Scarica subito

I commenti dei clienti

"Sophos ci ha permesso di risparmiare tempo, risorse e denaro"
Sam Ghelfi, Raymond James

Leggi oltre

Premi e riconoscimenti

Awards