IT security, vulnerabilities, bugs, fixes, flaws, RSA conference and Infosec.


Kaspersky ups the ante

Fresh from a rather embarrassing hack of its US portal, Russian security vendor Kaspersky had a more positive announcement to make today. The firm has patented new technology which it says will help it to detect and remove all malicious programs.

The new technology was developed by Mikhail Pavlyushchik, and granted Patent No. 7472420 by the US Patent and Trademark Office on December 30, 2008. But more interestingly, how is it unique? Well, it works by logging all system events that may indicate virus activity; for example, modification of an executable or of a record in the system registry. When a malicious process or file is detected, a module is launched that analyses the preceding events, allowing the source and the time of the infection to be determined, according to Kaspersky.

"The system then analyses all child events related to the source event, which makes it possible to detect all malicious programs involved in the incident, including those that were previously unknown," the firm explained. This is particularly useful because in modern-day cyber warfare, online criminals use a Trojan to get a foothold on a user's machine, and that same Trojan then downloads a whole host of other malware from the internet, often with unknown signatures that traditional AV technology can't detect.
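The back-trace and child-event analysis described above can be sketched as follows. This is an added illustration, not Kaspersky's patented implementation; the event format, the trusted-process allow-list and every file name in the sample log are constructed assumptions.

```python
from collections import deque

# Assumed allow-list of processes treated as legitimate entry points.
TRUSTED = {"browser.exe", "explorer.exe", "notepad.exe"}

# Constructed sample log: (timestamp, actor, action, target).
EVENTS = [
    (100, "browser.exe", "write_file", "invoice.exe"),
    (105, "explorer.exe", "start_process", "invoice.exe"),
    (110, "invoice.exe", "write_file", "dropper.exe"),
    (112, "invoice.exe", "start_process", "dropper.exe"),
    (120, "dropper.exe", "set_registry", "reg:Run/updater"),
    (125, "dropper.exe", "write_file", "keylog.dll"),
    (130, "notepad.exe", "write_file", "notes.txt"),
    (140, "dropper.exe", "write_file", "bot.exe"),
    (141, "dropper.exe", "start_process", "bot.exe"),
]

def find_source(events, detected):
    """Walk back from a detected object to the first untrusted object in its chain."""
    first_seen = {}  # object -> (timestamp, actor) of the earliest event touching it
    for ts, actor, _action, target in sorted(events):
        first_seen.setdefault(target, (ts, actor))
    current, visited = detected, set()
    while current in first_seen and current not in visited:
        visited.add(current)
        ts, actor = first_seen[current]
        # Stop when the creator is trusted or has no recorded origin of its own.
        if actor in TRUSTED or actor not in first_seen:
            return current, ts
        current = actor
    return current, None  # no usable history (or a cycle) in the log

def related_objects(events, source, since):
    """Walk forward: every object touched by the source or by its descendants."""
    tainted, queue = {source}, deque([source])
    while queue:
        actor = queue.popleft()
        for ts, who, _action, target in events:
            # Simplification: one cut-off time for the whole incident.
            if who == actor and ts >= since and target not in tainted:
                tainted.add(target)
                queue.append(target)
    return tainted

if __name__ == "__main__":
    # Assume a signature match on bot.exe is what triggers the analysis.
    source, when = find_source(EVENTS, "bot.exe")
    print(source, when, sorted(related_objects(EVENTS, source, when)))
```

Here only `bot.exe` is assumed to match a signature, yet `dropper.exe`, `keylog.dll` and the registry entry are flagged through their relationship to the source event, while the unrelated `notes.txt` is left alone.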

The new technology also removes or quarantines malicious code, interrupts malicious processes, and restores the system files from a trusted backup, said Kaspersky. And, helpfully, it can then send on any useful info about detected malware to other AV vendors to help them speed response times.

Nice to hear the AV vendors have enough engineers to keep innovating, especially after chief executive Eugene Kaspersky's predictions last year that the financial crisis would lead some to the dark side. Kaspersky in particular prides itself on the ingenuity and expertise of its engineers and the quality of its products, but they're going to need all the ingenuity they can get if they're to even keep pace with a well-funded, well-resourced and highly motivated criminal community.

February 20, 2009


© Incisive Media Ltd. 2009