Thursday, June 10, 2021

Next thing you know they'll be recording your keystrokes

from here and here (source article)

At first I was like "next they'll be encrypting your drive", but wait, maybe they already have full disk encryption. Then I thought about carrying out commands sent from a server, but that's kind of part of how some anti-malware works too (especially those that send samples to the company's servers if it's a file that's never been seen before). They also download and execute binaries from remote servers - as part of their update process.

It's getting harder and harder to find a malicious payload that doesn't have a counterpart in security software.