Antivirus can’t keep you safe: researchers discover sophisticated malware hiding for 5 years


One of the underlying assumptions behind why people use BankVault is that they don’t or can’t trust that their devices are free from infection—not enough for financial transactions.

It’s a reasonable assumption to make. You’ll typically see studies claiming between 10 and 30 percent of all computers have malware infections.

The data for these studies are generally gathered from security vendor scans of customer networks or from companies that test antivirus software. The point these studies really emphasise is that the volume and variety of malware is growing exponentially.

A more realistic indication of your own computer’s likely infection will depend on how well it is protected and updated.

What would be really useful to know is the percentage of well-maintained, updated and secured computers that are infected. Or the number of computers that are infected by malware types we don’t yet know about.

Those would be alarming statistics because most people assume that if they have paid for antivirus and keep their computer updated, they should be safe. Unfortunately, that isn’t the case. More and more malware bypasses antivirus software.

Exemplifying this, researchers have recently discovered advanced malware which stayed hidden on a computer for 5 years. Most likely the product of sophisticated nation-state creators, the malware used unique operations each time to avoid pattern-based detection. It included approximately 50 modules which allowed it to be easily managed and customised.

Dubbed “Project Sauron” by researchers at Kaspersky Labs and “Remsec” by Symantec, the purpose of the malware seems to be to obtain passwords, cryptographic keys, configuration files and IP addresses from targeted organisations such as governments, scientific research centres, defence organisations, telcos and financial institutions.

It’s a fascinating example of where the attack landscape is heading. But consider this: now that it has been discovered, it won’t be long until it is adapted and recycled by other attackers for less patriotic purposes.

Another interesting feature of this malware is that it’s designed to remain hidden on computer disk drives and transfer itself to any USB drive plugged in, without detection. It could therefore even hack data on air-gapped computer networks—computers that are completely disconnected from the internet! It’s an incredible discovery, showing precisely why you cannot entirely trust the computer you’re working on.

So with malware increasingly effective at targeting computers and avoiding detection, surely an alternative approach makes sense?

That’s what we think too. BankVault moves the goalposts so none of this matters.

Think of it this way. If it were possible, the smart approach would be to buy a brand new computer each time you went online, use it once, and then discard it in case it was infected.

That is essentially what BankVault does. It builds a pristine new virtual PC at a random Internet address which you use to log in to your bank. Your normal (potentially infected) PC stays completely shut off during the process.

BankVault is a very simple approach, but fundamentally different to the detection and prevention approaches of any other antivirus or security product—and that’s why it’s so effective.

BankVault doesn’t try to detect or block malware. Instead, it sidesteps the attack by moving your critical activity somewhere temporary, secret and safe, negating whatever the attacker might have (or have not) done to your PC.

Conveniently, it also allows you to inspect potentially dangerous websites or open risky email attachments, even those containing malware. Even if malware does execute, it doesn’t matter because you will discard the BankVault machine and log in again next time to create a completely fresh one. That’s why BankVault is unique.