(www.cyberscarecrow.com)

606 points toby_tw | 1 comments | 18 Jun 24 08:08 UTC | HN request time: 0.203s | source

Show context

wruza ◴[18 Jun 24 10:24 UTC] No.40716002[source]▶

Why does malware “stop” if it sees AV? Sounds as if it wanted to live, which is absurd. A shady concept overall, cause if you occasionally run malware on your pc, it’s already over.

Downloading a random exe from a noname site/author to scare malware sounds like another crazy security recipe from your layman tech friend who installs registry cleaners and toggles random settings for “speed up”.

replies(5): >>40716202 #>>40716228 #>>40716249 #>>40716286 #>>40721679 #

1. nic547 ◴[18 Jun 24 11:00 UTC] No.40716249[source]▶

>>40716002 #

It's not about the usual AV software, but about "fake" system used to try and detect and analyse malware. AV Vendors and malware researcher in general use such honeypots to find malware that hasn't been identified yet.

This software seems to fake some idiciators that are used by malware to detect wheter they're on a "real system" or a honeypot.

↑

Cyber Scarecrow