Avert Labs — Malware “Experience” – DON’T

With a huge surprize I’ve read here that McAfee is teaching people how to play with Malware.

I do not think that everybody needs to know this. Already too many script kiddies are doing this with catastrophic effects.

http://www.mcafeefocus.com/focus09/sessions/GroupMeetings.aspx#avert2

Avert Labs — Malware Experience
(By appointment only)
Tuesday, Oct. 6
1:00 pm – 5:00 pm
You’ve often heard that the Internet is a dangerous place and you’ve probably read about threats such as botnets, keystroke loggers and drive-by installations of malware through rigged Web sites. But what is malware really? How do cybercriminals launch their malicious attacks? McAfee is offering you the chance to find out with the unique and exclusive McAfee Malware Experience.

Join experts from McAfee Avert Labs and have a chance to work with a Trojan horse, commandeer a botnet, install a rootkit and experience first hand how easy it is to modify websites to serve up malware. Of course this will all be done in the safe and closed environment, ensuring that what you experience first hand doesn’t actually go out onto the Internet. To sign up, contact Shiva Mandalam at shiva_mandalam@mcafee.com or 408.346.3866.

McAfee, do not consider that just by using a “safe environment” the problem doesn’t exist. Those guys who enjoy the feeling will repeat the experiment… maybe outside of the safe environment.

And then what ?


© Copyright 2009 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity


Check www.endpoint-cybersecurity.com for seeing the consulting services we offer.

Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie de.itsecuritynews.info für IT Sicherheits News auf Deutsch

2 thoughts on “Avert Labs — Malware “Experience” – DON’T

  1. It’s actually a lot cheaper to buy a Trojan toolkit than to attend Focus09 – maybe it’s not clear, but you can’t walk off the street and attend this session. It’s $550 per day just to get in the door.

    I appreciate your concerns though, nothing we show during these sessions is cutting edge, and it’s designed to highlight how vulnerable people who don’t consider the security of their IT systems are. The session is also by appointment – which means we know who will be there, and the role they play. The possibility of a trusted system administrator from a reputable company also being a (currently uneducated) “script kiddie” remains though I guess.

  2. The problem, as I already sad, is that these Admins might get a false trust in their “knowledge” about malware. This is very possible because if they pay 550$ to McAfee, then they have to leave the course with something. And if they do, they will (or might) think, that they know everything about the topic (even if the teacher tells them that there is still a lot to learn). Once they lower the guard, then they will make mistakes.
    And this kind of mistakes might cost a lot …

    I would simply don’t go into this area…

Comments are closed.