Machine learning evasion contest – the AV tester’s perspective
The beginning It’s the year 2018, somewhere around the end of October on one of the most beautiful islands in the world. The weather is …
On Android Philosophy and its Effects on Malware
We have spent some time in custom sample development, based on methods seen in the wild. During the countless hours of sitting in front of …
Android AV vs. Third-Party App Stores
Introduction Recently, we have been working on some advanced Android malware and to test some ideas, we opted to create some custom samples. Our approach …
Encrypted exploit delivery – #IRONSQUIRREL
This research deals with the delivery of encrypted browser exploits to a victim’s browser. It is a follow-up post to some research I did 2 …
A Note on the War of Android AVs and Advanced Malware
Recently, we performed an in-depth analysis of multiple Android AV engines. We checked how they perform in scenarios where the users’ device has not yet …
Current state of malicious PowerShell script blocking
The current state of malicious PowerShell script blocking is bad, very bad. There is room for improvement … Only two products (among the tested ones) …
Webroot SecureAnywhere Android AV coordinated disclosure
Researchers of MRG Effitas tested the Webroot SecureAnywhere Android application. During use, we came across implementation details that might undermine the vendor’s efforts to provide …
Limitations of Android AntiVirus Scanners
Recently, MRG Effitas have been involved in a test of Android-based AV products. Having completed the test process, we realised that the general approach …