{"id":9864,"date":"2015-07-30T19:07:35","date_gmt":"2015-07-30T23:07:35","guid":{"rendered":"http:\/\/thundercloud.net\/infoave\/new\/?p=9864"},"modified":"2015-07-30T19:07:35","modified_gmt":"2015-07-30T23:07:35","slug":"emsisoft-stops-trojans-most-other-security-software-cant-stop","status":"publish","type":"post","link":"https:\/\/www.thundercloud.net\/infoave\/new\/emsisoft-stops-trojans-most-other-security-software-cant-stop\/","title":{"rendered":"Emsisoft stops trojans most other security software can&#8217;t stop"},"content":{"rendered":"<h1>Emsisoft stops trojans most other security software can&#8217;t stop<\/h1>\n<p>We have been recommending Emsisoft for quite a while now. We&#8217;ve gotten to know the Emsisoft team pretty well. We knew after we spent months testing antivirus and anti-malware software that we&#8217;d found a winner: Emsisoft.<\/p>\n<p>Over the months and years now, Emsisoft has never let us, our readers or our customers down. It seems every time we turn around Emsisoft is winning another award or receiving accolades from people in the know.<\/p>\n<p>We&#8217;re proud of Emsisoft and we&#8217;re proud to be associated with them. Recently Emsisoft received more praise for being one of only 5 (out of 34) antivirus \/ anti-malware vendors that successfully blocked state-sponsored Trojans.<\/p>\n<p>I suppose I could yammer on and on about Emsisoft, but I&#8217;ll restrain myself. 
We&#8217;ll let Emsisoft tell you of their latest triumph in their own words.<\/p>\n<p>We are publishing this with the permission of our friends at Emsisoft:<\/p>\n<blockquote>\n<h2>Leaked files from state-sponsored hackers reveal which protection their trojans can\u2019t get past<\/h2>\n<div class=\"post_info\">In <a title=\"View all posts in Security Knowledge\" href=\"http:\/\/blog.emsisoft.com\/category\/security-knowledge-en\/\">Security Knowledge<\/a> by <a href=\"http:\/\/blog.emsisoft.com\/author\/carla\/\">Carla<\/a> on July 27, 2015 | <a href=\"http:\/\/blog.emsisoft.com\/fr\/2015\/07\/27\/decouvrez-quels-logiciels-de-protection-ont-resiste-aux-chevaux-de-troie-des-cybercriminels-commandites-par-letat\/\">Fran\u00e7ais<\/a>, English, <a href=\"http:\/\/blog.emsisoft.com\/de\/2015\/07\/27\/von-staatlich-gesponserten-hackern-veroeffentlichte-dateien-zeigen-an-welchem-schutz-ihre-trojaner-scheitern\/\">Deutsch<\/a><\/div>\n<p>Your typical anti-malware provider has their products tested in a lab to bolster credibility. But with recent leaks on massive surveillance companies, there\u2019s new data available to help measure how good popular anti-malware products are at detecting unwanted threats.<\/p>\n<h3>What do surveillance companies have to do with anti-malware?<\/h3>\n<p>There is a lot of controversy that surrounds big surveillance firms, and for good reasons. These companies help their clients (often times government agencies) spy on people and on other organizations or countries.<\/p>\n<p>While many claim that this is for the safety of their people, big governments often have to hire these firms that specialize in making malware, breaching the privacy of unassuming individuals. 
How these firms develop their malware deeply involves anti-malware programs \u2013 they must test leading anti-malware software so that they can develop undetectable trojans that successfully infect systems.<\/p>\n<p>Normally, this kind of internal information is kept incredibly private. These firms have highly sensitive data concerning their products and their customers that could really compromise international intelligence agencies.<\/p>\n<p>But some high-profile leaks in the last twelve months are not only political, <strong>they\u2019re practical.<\/strong>\u00a0Below we\u2019ll discuss two surveillance hacks that reveal which anti-malware providers are actually most effective in keeping unwanted programs off your computer.<\/p>\n<h3>Hacking Team\u2019s trojan\u00a0detected by 5 out of 34\u00a0antivirus vendors<\/h3>\n<p>Hacking Team is a Milan-based company that provides surveillance technology to clients from all over the world, including governmental agencies in countries such as Russia and the United States.<\/p>\n<p>In early July, an unknown hacker <a href=\"http:\/\/blog.emsisoft.com\/2015\/07\/08\/when-a-surveillance-state-hacking-firm-gets-hacked\/\" target=\"_blank\">released a torrent of 400 GB of company data<\/a>. 
This included internal communications and code, as well as records of anti-malware testing.\u00a0This screenshot of one of their internal documents shows a number of anti-malware suppliers and how Hacking Team\u2019s trojan, Galileo, fared against their products in performance tests.<\/p>\n<p><a href=\"http:\/\/ht.transparencytoolkit.org\/KnowledgeBase\/-%20AV%20Test%20Summary%20-%20%5DHT%5B%20%3A%3A%20KnowledgeBase%20Product.html\" target=\"_blank\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-17966 size-full\" src=\"http:\/\/blog.emsisoft.com\/wp-content\/uploads\/2015\/07\/hackingteam_blacklisted.png\" alt=\"Emsisoft Anti-Malware blacklisted by Hacking Team\" width=\"674\" height=\"179\" \/><\/a><\/p>\n<p>Green means the malware bypassed the antivirus and was able to infect the system.\u00a0Yellow means it was able to\u00a0infect the system and was operational, but during the process some unspecific\u00a0pop-ups may have appeared (like a generic firewall alert).\u00a0Red means that a\u00a0malware detection was triggered.\u00a0A few vendors were \u2018blacklisted\u2019 by Hacking Team\u2019s trojan. That means, the malware doesn\u2019t even bother to start any action when it notices that a specific protection software is running. That way it remains hidden, but also can\u2019t do any spying. As you can see in the full table, <strong>only 5 out of 34<\/strong> vendors were able to detect\u00a0the Hacking Team malware.<\/p>\n<h3>FinFisher\u2019s malware agent FinSpy able to bypass 31 out of 35 vendors<\/h3>\n<p>FinFisher is a German-based firm responsible for programs that enable governments to surveil citizens. 
This type of surveillance, called \u201clawful interception malware\u201d is very controversial, as it\u2019s\u00a0<a href=\"http:\/\/blog.emsisoft.com\/2014\/09\/27\/a-statement-from-emsisoft-on-wikileaks-and-the-finfisher-malware\/\" target=\"_blank\">questionable if these programs<\/a> actually help protect people at all.<\/p>\n<p>In September 2014 Wikileaks took a stand against FinFisher and accused the surveillance firm of selling their\u00a0products and services to oppressive regimes. This leak involved the company\u2019s malware as well as internal documents. Among the information leaked was a\u00a0table of anti-malware software, which\u00a0reveals what\u00a0programs their malware agent FinSpy was able to dupe and which ones it wasn\u2019t.\u00a0FinFisher tested different programs with different versions of the trojan, and recorded how the different anti-malware programs responded to each threat. The following table gives an overview of the results. In the \u201cFull Trojan\u201d column (Install Admin) you can see which vendors warned or blocked the full trojan.<\/p>\n<p><a href=\"https:\/\/wikileaks.org\/spyfiles4\/documents.html\" target=\"_blank\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-17967 size-full\" src=\"http:\/\/blog.emsisoft.com\/wp-content\/uploads\/2015\/07\/finfisher_protected.png\" alt=\"\" width=\"720\" height=\"384\" \/><\/a><\/p>\n<p>The green \u201cpass\u201d means that the antivirus didn\u2019t detect any threat.\u00a0The yellow \u201cwarn\u201d means that the antivirus detected the trojan as suspicious and alerted the user about it. The red \u201cfail\u201d means that the trojan was detected as malicious. As you can see, the majority of vendors were not able to detect FinSpy at all (green). 
Only 4 out of 35\u00a0vendors reliably detected the threat as suspicious (yellow) or malicious (red) and therefore blocked it completely.<\/p>\n<h3>Consider your privacy needs when choosing software<\/h3>\n<p>In studying the tables above, it\u2019s important to remember that products that failed to detect these trojans may be just as likely to fail to detect others. It\u2019s also possible that these products are run by companies that work with state-sponsored firms rather than against them.\u00a0What are your privacy needs? Are you concerned with protecting yourself against government surveillance?<\/p>\n<p>Choosing a program that keeps you safe from all types of malware may seem impossible, but the tables above give you an unbiased look at what really works against surveillance trojans:<\/p>\n<p><strong>1.\u00a0Vendors that detect Hacking Team\u2019s trojan<\/strong><\/p>\n<p>Emsisoft was able to block the Hacking Team trojan and was given the great honor of being blacklisted as a result! 
Sophos and CMC AV were the other programs that\u00a0Hacking Team blacklisted.\u00a0Comodo and Rising also did a great job by detecting and blocking Hacking Team\u2019s trojans in most cases.\u00a0A few other vendors showed \u201cnot-so-worrisome\u201d popups for Hacking Team, while\u00a0all other vendors were\u00a0not able to detect the trojan at all.<\/p>\n<p><strong>2.\u00a0Vendors that detect FinFisher\u2019s malware<\/strong><\/p>\n<p>Emsisoft Anti-Malware, Comodo Internet Security, Outpost Security Suite Pro and\u00a0TrustPort Total Security are\u00a0the only vendors that\u00a0were able to detect FinSpy\u2019s full trojan in all cases.<\/p>\n<p>As shown above, Emsisoft performed very consistently since both Hacking Team\u00a0and FinFisher\u2019s malware had issues getting past (if at all).\u00a0Whatever program you choose, know that your privacy is important \u2014 don\u2019t put it in the wrong hands.<\/p>\n<p>Have a great, malware-free day!<\/p><\/blockquote>\n<p><strong><a href=\"http:\/\/thundercloud.net\/emsisoft\/\" target=\"_blank\">Get more information about Emsisoft here.<\/a><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Emsisoft stops trojans most other security software can&#8217;t stop We have been recommending Emsisoft for quite a while now. We&#8217;ve gotten to know the Emsisoft team pretty well. We knew after we spent months testing antivirus and anti-malware software that we&#8217;d found a winner: Emsisoft. 
Over the months and years now, Emsisoft has never let us, our readers\u2026 <span class=\"read-more\"><a href=\"https:\/\/www.thundercloud.net\/infoave\/new\/emsisoft-stops-trojans-most-other-security-software-cant-stop\/\">Read More &raquo;<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1655,1462,1433,1669,1670,1656,1654,1674,10],"tags":[],"_links":{"self":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/9864"}],"collection":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/comments?post=9864"}],"version-history":[{"count":1,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/9864\/revisions"}],"predecessor-version":[{"id":9865,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/9864\/revisions\/9865"}],"wp:attachment":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/media?parent=9864"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/categories?post=9864"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/tags?post=9864"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}