RCS Spyware Goes Completely Undetected by Antivirus Products

  • 27 November 2014

By Ionut Ilascu    27 Nov 2014
 
A variant of Remote Control System (RCS) spyware collected a month ago goes completely under the radar of some antivirus products, a security researcher reports.
 
RCS is a versatile product developed by Italian company Hacking Team that can work on different computer platforms, desktop or mobile, and it is developed specifically for government agencies for surveillance purposes.
 

Running malicious process not identified

The sample detection experiment was carried out by Claudio Guarnieri, the leading developer of Detekt, a free scanner specifically created to help journalists, activists and human rights defenders find on their computer systems traces of spyware known to be used by various government organizations.

On Wednesday, he tested antivirus solutions from Kaspersky, Avira (Free), G Data and ESET and found that none of them were able to detect a trace of compromise on a system with an active RCS process.
 
 
 

1 reply

This article drives home the point in respect to a variant which is not being detected by normal means of detection. You would expect that a running process, malicious as it is, should be detected. This article states the variant was detected by another antivirus company using behavioral detection.
