Another Close Up with Anti-Virus Tools

In the last few days, the folks that make Sub7, a pretty common and well-known Windows back door/remote access tool, released a new version. You can find more about the capabilities of this application here.

Since I have been doing a bit of research lately that has included anti-virus tools and their often abysmal detection rates, I decided to test this new version of Sub7 against the VirusTotal scanning base. You can find the results here.

As you can see, the detection rate for this “remote access tool” is just under 55%. This time, all three of the major enterprise vendor products catch its malware nature, but the most common free tool, AVG, misses it entirely. As such, organizations are likely protected, but a great many home user and consumer machines will be unable to detect the installation of this very common attacker tool.

As with many of the posts about this in the past, I simply point this out to folks to help them come to an understanding of the true levels of protection that AV offers. Many people see it as a panacea, but clearly, it is not. AV is a needed part of defense in depth, but additional controls and security tools are required to create effective detection for malware infections.

This entry was posted in General InfoSec by Brent Huston.

About Brent Huston

I am the CEO of MicroSolved, Inc. and a security evangelist. I have spent the last 20+ years working to make the Internet safer for everyone on a global scale. I believe the Internet has the capability to contribute to the next great leap for mankind, and I want to help make that happen!
