Hi all,
Some discussion here regarding how long ransomware has been known to sit idle (in some variants) before launching its payload action. I have seen 2 months and sometimes 3 months on forums. Has anyone seen anything much longer?
Thanks
-
AlbieNorth
- Influencer
- Posts: 15
- Liked: 1 time
- Joined: Dec 04, 2014 4:59 pm
- Full Name: Albert Gostick
-
Dima P.
- Product Manager
- Posts: 14716
- Liked: 1702 times
- Joined: Feb 04, 2013 2:07 pm
- Full Name: Dmitry Popov
- Location: Prague
- Contact:
Re: Ransomware payload delay x months?
Hello Albert.
AV signatures may recognize ransomware after some point it time (signatures are constantly updated but with a small delay), if ransomware sits too long - there is a change AV database gets it's signature and it's going to be recognized as threat. That's in theory and I'd say never underestimate ransomware.
AV signatures may recognize ransomware after some point it time (signatures are constantly updated but with a small delay), if ransomware sits too long - there is a change AV database gets it's signature and it's going to be recognized as threat. That's in theory and I'd say never underestimate ransomware.
-
Gostev
- Chief Product Officer
- Posts: 31802
- Liked: 7298 times
- Joined: Jan 01, 2006 1:01 am
- Location: Baar, Switzerland
- Contact:
Re: Ransomware payload delay x months?
Ditto. It does not have a luxury to wait for too long.
Who is online
Users browsing this forum: Brian.Knoblauch, Semrush [Bot], StrongOBackup and 141 guests