detection

Tech Optimizer
June 2, 2025
An international law enforcement initiative has dismantled an online software crypting syndicate that helped cybercriminals evade malware detection. The operation, led by the FBI's Houston Field Office and involving agencies from the Netherlands, Finland, and the US Secret Service, resulted in the seizure of four domains, the takedown of 300 servers, the neutralization of 650 domains, and the issuance of nearly two dozen international arrest warrants. Matthijs Jaspers from the Netherlands' High Tech Crime Team highlighted the challenges of tracking cybercriminals and the importance of collaborative efforts in combating cybercrime.
Tech Optimizer
June 2, 2025
Underground cybercriminal forums are seeing an increase in advanced malware tools, including a Windows crypter that claims to bypass major antivirus solutions. This crypter is marketed as fully activated and capable of achieving Full Undetectable (FUD) status against contemporary antivirus engines. It employs advanced obfuscation techniques to evade detection, including code injection methods, entropy manipulation, and anti-debugging features. The tool allows for granular control over obfuscation parameters, enabling customization for specific target environments. The rise of such sophisticated evasion tools poses challenges for traditional endpoint security, making organizations vulnerable if they rely solely on signature-based antivirus solutions. To defend against these threats, organizations should adopt multi-layered security architectures, including behavioral analysis and endpoint detection and response (EDR) solutions.
Tech Optimizer
June 1, 2025
Bitdefender was established in 1996 and rebranded in 2001, becoming the most popular mobile antivirus in North and South America in 2022. Norton was founded in 1982 and became well-known after Symantec's acquisition. Bitdefender achieves over 98% detection rates online and offline, with five false positives in tests, while Norton exceeds 99% online and 97% offline but has a higher false positive rate. Bitdefender offers a configurable firewall in its Total Security package, while Norton provides a customizable firewall across all products. Bitdefender lacks identity theft protection in its core offerings but offers a separate service, while Norton includes comprehensive identity theft protection in its highest tier. Bitdefender includes a VPN with a 200MB daily cap, while Norton offers an unlimited VPN in most tiers. Bitdefender features an integrated password manager without two-factor authentication, while Norton allows credential sharing and has standalone options. Bitdefender provides basic parental controls, while Norton includes additional features like GPS tracking. Bitdefender enhances its packages with a file shredder and vulnerability scanner, while Norton offers SafeCam and Dark Web Monitoring. Bitdefender is known for resource efficiency, receiving awards for performance, while Norton also received recognition for its performance. Bitdefender has an easy-to-navigate interface, while Norton has a more complex interface. In AV-Comparatives tests, Bitdefender slightly surpassed Norton in offline detection and online protection rates. Bitdefender pricing starts at approximately .99/year for one device, while Norton starts at .99/year for one device as well.
Winsage
May 31, 2025
A new strain of malware has been operating undetected on Windows systems for several weeks, utilizing advanced evasion techniques that corrupt its Portable Executable (PE) headers to avoid detection. Security researchers discovered this malware embedded in the memory of a compromised system during an investigation, using a 33GB memory dump that revealed its presence in a dllhost.exe process with process ID 8200. The malware, classified as a Remote Access Trojan (RAT) by Fortinet, employs batch scripts and PowerShell commands for its attack and has capabilities for screenshot capture, remote server functionality, and system service manipulation. Its command and control infrastructure uses encrypted communications, complicating detection efforts. The malware's distinctive feature is the deliberate corruption of DOS and PE headers, which hinders reverse engineering and complicates the reconstruction of the executable from memory dumps. Researchers had to manually locate the malware’s entry point and resolve complex import tables for it to function in a controlled environment.
Tech Optimizer
May 31, 2025
Law enforcement agencies from multiple nations dismantled a cybercriminal operation that provided malware testing services to evade antivirus detection. This effort led to the seizure of four domains and their servers, disrupting infrastructure that facilitated ransomware attacks globally. U.S. Attorney Nicholas J. Ganjei announced the disruption of an online software crypting syndicate that helped cybercriminals keep their malware undetected. The seized domains offered counter-antivirus tools and crypting services, allowing criminals to obfuscate malware and gain unauthorized access to systems. Investigators conducted undercover purchases and analyzed services, revealing connections to ransomware groups targeting victims in the U.S. and internationally. The operation, part of Operation Endgame, involved collaboration among the U.S., Netherlands, France, Germany, Denmark, Ukraine, and Portugal, with the FBI Houston Field Office leading the U.S. investigation. The seizures occurred on May 27.
AppWizard
May 30, 2025
Google is rolling out the Advanced Protection feature for Pixel devices enrolled in the Android 16 QPR1 Beta 1 program, which includes browsing safeguards, app protections, and USB transfer restrictions. This feature aims to enhance device security and protect against online threats. The Advanced Protection Program was originally launched for users at risk of data breaches and was expanded last year to include passkeys and a simplified enrollment process. Additionally, an "Intrusion Detection" feature was noted, designed to log user activity for suspicious behavior. The Android 16 QPR1 Beta 1 update was released on May 20, 2025, and introduced a new design language called Material 3 Expressive.
Tech Optimizer
May 30, 2025
Bitdefender has a detection rate of over 98% for malware, while Norton has a 97% offline detection rate and exceeds 99% online. Bitdefender's firewall is configurable but limited to its Total Security package, whereas Norton offers a powerful and customizable firewall. Bitdefender provides a separate Digital Identity Protection service for .33 per month, while Norton includes identity theft protection through its LifeLock service in higher tiers, offering features like credit monitoring and potential compensation up to million. Bitdefender includes a VPN with a 200MB daily data cap, while Norton offers an unlimited VPN in most subscription tiers. Both have password managers, but Bitdefender lacks two-factor authentication. Bitdefender offers straightforward parental controls, while Norton includes mobile GPS tracking. Bitdefender is recognized for its lightweight design, while Norton is noted for its speed. Bitdefender has a user-friendly interface, while Norton’s may be more complex for beginners. In independent tests, Bitdefender slightly outperforms Norton in offline detection. Norton's basic plan starts at .99 per year, while Bitdefender's Antivirus Plus starts at .99 per year.