Reply to post: Re: Checksum? Hash?

UEFI malware rears ugly head again: Kaspersky uncovers campaign with whiff of China

David Shaw

Re: Checksum? Hash?

"part of any regular virus scan"

the regular ongoing 'spam-cannon' related virus flinging that is done to my systems, some of the links, documents etc can be detected to have a virus , or come from a domain which is heavily virally active previously.

However when typically I check something 'very dodgy' with virustotal.com, now owned by google, some actual malware are only discovered by a single one of the fifty/sixty/seventy virtual environments.

(When my mac was hit by a javascript virus embedded in an email, only a single AV system detected it, 8 years later) how can this happen, why doesn't a regular scan detect these attacks

Well, the cyberattack pros have rooms with fifty/sixty/seventy PCs each running the latest AV engine, and tweak their code until no-one gets it; and/or some AV services (owned by google, say, or yandex) might be rather partial in their effectiveness - I see no ships!

I still have a few scanners, run them alternately, and VirusTotal.com (owned by slurp) is still just about working

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021