Avira | Bach Seat

Tag Archive for Avira

RB | April 12, 2012

What is Malware?

Most users I talk to about malware seem to use the following terms interchangeably; malware, virus, trojan, keylogger, worm, backdoor, bot, rootkit, ransomware, adware, spyware, and dialer. Raymond.cc offers some standard definitions to clarify the conversations.

Malware is short for Malicious Software where all the terms above fall into this category because they are all malicious. The different term being used instead of just plain virus is to categorize what the malicious software is capable of doing.

Virus spreads on its own by smuggling its code into application software. The name is in analogy to its biological archetype. Not only does a computer virus spread many times and make the host software unusable, but also runs malicious routines.

Trojan horse/Trojan is a type of malware disguised as useful software. The aim is that the user executes the Trojan, which gives it full control of your PC and the possibility to use it for its own purposes. Most of the time, more malware will be installed in your system, such as backdoors or key loggers.

Worms are malicious software that aims at spreading as fast as possible once your PC has been infected. Unlike viruses, it is not other programs that are used to spread the worms, but storage devices such as USB sticks, communication media such as e-mail, or vulnerabilities in your OS. Their propagation slows down the performance of PCs and networks, or direct malicious routines will be implemented.

Key loggers log any keyboard input without you even noticing, which enables pirates to get their hands on passwords or other important data such as online banking details.

Dialers are relics from a time when modems or ISDN were still used to go online. They dialed expensive premium-rates numbers and thus caused your telephone bill to reach astronomic amounts. Dialers have no effect on ADSL or cable connections, but they are making a comeback with mobile devices and QR codes (I covered Attaging here).

Backdoor / Bots is usually a piece of software implemented by the authors themselves that enable access to your PC or any kind of protected function of a computer program. Backdoors are often installed once Trojans have been executed, so whoever attacks your PC will gain direct access to your PC. The infected PC, also called “bot”, will become part of a botnet.

Exploits are used to systematically exploit vulnerabilities of a computer program. Whoever attacks your PC will gain control of your PC or at least parts of it.

Spyware is software that spies on you, i.e. collect different user data from your PC without you even noticing.

Adware is derived from “advertisement”. Besides the actual function of the software, the user will see advertisements. Adware itself is not dangerous, but tons of displayed adverts are considered a nuisance and thus are detected by good anti-malware solutions.

Rootkit mostly consists of several parts that will grant unauthorized access to your PC. Plus, processes and program parts will be hidden. They can be installed, for instance, through an exploit or a Trojan.

Rogues / Scareware are also know as “Rogue Anti-Spyware” or “Rogue Anti-Virus”, rogues pretend to be security software. Often, fake warnings are used to make you buy the security software, which the pirates profit from.

Ransomware “Ransom” is just what you think it is. Ransomware will encrypt personal user data or block your entire PC. Once you have paid the “ransom” through an anonymous service, your PC will be unblocked.

There are different categories of malware the author says that most of the malware today combines different kinds of malware to achieve a higher rate of infection and giving more control to the hacker. Most malware is invisible that runs silently without your knowledge to avoid detection except for ransomware and adware.

Using “virus” as a catch-all phrase to include all types of malware is no longer right. The correct word to use should be malware. However, don’t expect the big anti-virus companies to rebrand their products to Kaspersky Anti-Malware or Bitdefender Anti-Malware because doing that may risk losing their brand identity even if they do offer a complete anti-malware solution.

The blog says it doesn’t mean that you’re safe if you don’t see it so it is important to run an anti-virus software from reputable brands such as Kaspersky, ESET, Avast, Avira, AVG (at one time AVG was installing a Yahoo toolbar without notice) MSE together with a second opinion anti-malware such as HitmanPro, Malwarebytes Anti-Malware, and SUPERAntiSpyware. As for Emsisoft Anti-Malware, it comes with its own Anti-Malware engine and Ikarus Anti-Virus Engine.

Flashback Trojan affects around 600,000 Macs (macmusings.wordpress.com)

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: 2012, Anti-Virus, Attaging, Avast, AVG Technologies, Avira, Botnet, Computer, ESET, Kaspersky, Malware, Ransomware, Security, Spyware, Trojan Horse, Virus

RB | July 13, 2010

Comments Off

Free Antivirus Rules Market

Free Antivirus Rules Market OPSWAT, Inc. a provider of integration technologies to software developers and vendors recently released a report on the use of antivirus applications. According to the report, free products control 42% of the product market, and vendors that primarily offer a free product have a 48% market share.

The top 10 Windows antivirus applications for January to May 2010 according to OPSWAT were:

avast! Free Antivirus 11.45%
Avira AntiVir Personal – Free Antivirus 9.19%
AVG AntiVirus Free 8.6%
Microsoft Security Essentials 7.48%
avast! Antivirus 5.4%
Kaspersky Internet Security 4.48%
Norton AntiVirus 4.24%
ESET NOD32 Antivirus 3.84%
avast! Antivirus Professional 3.5%
McAfee VirusScan 3.26%

This data indicates that free products account for 42% of the market. From a vendor perspective, European vendors, total just over 50% of the market which include:

AVAST,
Avira,
AVG,
ESET,
Panda,
BitDefender,
G Data and
Sophos.

Whereas US-based vendors, make up just over 30% include:

Symantec (SYMC),
Microsoft (MSFT),
McAfee,
PC Tools
and Sunbelt.

Vendors that primarily offer a free product have a 48% market share.

The top 10 Windows antivirus vendors by market share for January to May 2010 according to OPSWAT were:

AVAST Software 19.14%
Avira GmbH 11.39%
Symantec Corp. 10.06%
Microsoft Corp. 9.29%
AVG Technologies 9%
McAfee, Inc. 7.3%
Kaspersky Labs 5.96%
ESET Software 5.66%
Panda Software 3.44%
Trend Micro, Inc. 2.8%

rb-

According to the firm’s website, OPSWAT collected information from tens of thousands of volunteers out of the 50 million endpoints that use the OESIS Framework and the free Am I OESIS OK? online utility with which end users can check the interoperability and quality level of their applications. I have said this before, with other fun factoids like this, the adoption rate of the vendor’s tools may skew the results. Nonetheless, it is notable that

Microsoft, not usually seen as a security vendor has captured a significant share with their recent anti-virus solutions and could be a legitimate challenger to pure-play security players Symantec and McAfee.
Symantec and McAfee who are often seen as the top choices in the U.S. do not do well in this list. This data seems to show that AV competition is alive and well in the highly fragmented consumer sector.
The fragmented marketplace may help keep innovation active in the AV market, which is a good thing in the face of the increasing variety of threats from malware.

So despite the claims of this or that vendor to dominate a market based on sales numbers, the OPSWAT data seems to show that end-users have developed a degree of trust in free antivirus applications to keep them secure as they do with paid antivirus.

Microsoft Remains the Leading Anti-Virus Vendor, Research Shows (news.softpedia.com)

Category: Uncategorized | Tags: 2010, Anti-Virus, Avast, Avira, Business, Kaspersky, Malware, McAfee, Microsoft, MSFT, Opswat, Security, Symantec, SYMC, Trend Micro

RB | December 9, 2009

Comments Off

Which Anti-Malware is Best?

Which Anti-Malware is Best? In a report, AV-Comparatives compared the base performance of some of the top anti-malware products on the market. The objective of these tests was to identify how well antivirus scanners can detect new malware using their base functions.

Base anti-malware functions included their proactive scanning and heuristics methods, without the advantage of downloading the latest signatures. Forcing a test without the latest virus signatures makes it possible to evaluate the strength of the heuristic-or proactive, technology of the anti-malware engines.

ArsTechnica summarizes that the tests were run on two sets of malware. Set A, which contains malware from December 2007 to December 2008 (of which most products could detect over 97%). Set B, contained 1.6 million samples of malware collected between August 11 and August 17, 2009. This set included the following categories of malware: Trojans (69.5%), Backdoors/Bots (20.7%), Worms (6.1%), other malware (1.5%), and Windows viruses (0.4%).

Results

Ars reported these proactive detection results (rounded to the nearest percent):

After taking these results into consideration and adjusting for false positives, AV-Comparatives rated the security companies from best to worst in three categories:

Advanced+:
- G DATA,
- Kaspersky,
- ESET,
- F-Secure,
- Microsoft,
- Avast,
- eScan.
Advanced:
- AVIRA,
- AVG,
- Symantec.
Standard:
- McAfee,
- TrustPort,
- Sophos,
- Norman,
- Kingsoft.

In September of 2008 NetworkWorld reported on Gartner claims that enterprises are paying too much for security software. Gartner says vendors simply aren’t doing enough to keep up with the prevalence of threats on the Internet. Neil MacDonald, a research vice president at Gartner says that security vendors are “maintaining high-profit margins on firewalls and antivirus software despite these products being nothing more than commodities.” NetworkWorld says that during his presentation at the Gartner’s 2008 IT Security Summit in London, Mr. MacDonald was vociferous in his condemnation of how security products are actually increasing their prices over the years across a backdrop of lowered effectiveness, contradicting pricing schemes across the rest of the IT industry.

Anti-malware pricing is broken

Security vendors have maintained a pricing scheme that contradicts the rest of the IT industry, Mr. MacDonald said. Typically with software or hardware, prices go down year after year with the introduction of new and better products. In some cases, however, security software often loses its effectiveness as new threats emerge, while prices stay high. “Why in antivirus year after year do we pay more for something that gives us less?” MacDonald asked. “It’s insanity. Why is information security immune from the trends of the IT industry?”

Gartner recommends that firms use the commodity status of security software to their advantage, “I know it’s hard to switch but you have to seriously enter the negotiations,” MacDonald said. “Let the vendors know that you are not afraid to switch.” And he recommends that buyers should aggressively negotiate for better prices.

rb-

While most malware writers are script kiddies with an affinity to making minor modifications to existing malware there are some very good black hat hackers out there that are not dummies. These tests are important for buyers to understand which product’s core functionality is more efficient against new threats and not rely on constant updates to augment their capabilities. In the face of new threats, superior heuristic capabilities are crucial to anti-malware software? The weekly, daily, or even multiple times a day, definitions updates are the lifeline of the anti-malware industry. The need for constant updates is what drives the annual payments for subscriptions.

Category: Uncategorized | Tags: 2009, Anti-Virus, Avira, Bitdefender, Gartner, IT, Malware, McAfee, Microsoft, MSFT, Security, TrustPort, Windows

Bach Seat