From The Comodo Think Tank: Cryptolocker, SpyEye and Shylock Malware are No Match for Comodo Containment Technology

August 12, 2015 | By Editor

Over the past few weeks, the engineers from the Comodo Think Tank have looked at some of the most feared malware and ransomware today, matching it up against Comodo’s containment technology.


And the results? Cryptolocker fails against Comodo Containment. Shylock and SpyEye malware fail against Comodo containment. Why? Because for CIOs, CISOs, and IT administrators and engineers who need to prevent data breaches, Comodo endpoint security and containment is the only solution that offers on-device, real-time containment. Unlike legacy approaches such as blacklisting and sandboxing, Comodo containment uses smart filtering to automatically contain and execute unknown files, without negatively impacting system performance or the user’s productivity.

“Comodo’s containment technology is radically different than anything else in the market today – keeping our customers safe and secure with endpoint protection technology that focuses on prevention, not on detection,” says Fatih Orhan, Comodo’s Director of Technology and a leading member of the Comodo Think Tank. “Regardless of the cyber threat to our customers, their information is safe and secure because our containment technology keeps malware out while protecting information.”

Let’s revisit some of the findings from the Comodo Think Tank and break each scenario down:

Comodo Containment versus SpyEye Malware

SpyEye is a type of malware which cybercriminals use to steal online banking credentials, credit card data, passwords, and other personal information. SpyEye has infected more than 1.4 million computers globally, and its silent attack means it is delivering confidential information straight to criminals.

The SpyEye malware works like this:

  • SpyEye uses in-memory injection, a technique used for running unauthorized code within computer processes
  • SpyEye’s injected code then “hooks” into textboxes and collects all of the information a person would type: login credentials, passwords, credit card information, and any other type of confidential information
  • The malware delivers the sensitive information straight to the cybercriminals

But when SpyEye meets computers and IT infrastructures armed with Comodo’s patent-pending containment technology, the results are devastating for SpyEye:

  • SpyEye tries to inject its malicious code
  • SpyEye FAILS—miserably. With Comodo containment technology, malware simply cannot inject code into other processes
  • SpyEye’s failure means a safe and secure Comodo customer

Comodo Containment versus Shylock Malware

Shylock is a notorious banking malware designed to trick customers into giving their banking login and account details to cyber thieves. The Shylock malware works like this:

  • Shylock injects its code into a web browser and mimics the look and feel of the customer’s banking site
  • Shylock then collects the customer’s login credentials, passwords, credit card information, and other pieces of private information
  • Shylock then sends the customer’s private information straight to the cyber thieves

But when Shylock meets computers and IT infrastructures armed with Comodo’s patent-pending containment technology, the results are devastating for Shylock:

  • Shylock tries to inject its code into the web browser
  • Shylock FAILS–miserably. With Comodo containment technology, malware simply cannot inject code into other application processes
  • Shylock’s failure means a safe and secure Comodo customer

Comodo Containment versus Cryptolocker

Cryptolocker is a ransomware Trojan that first appeared in 2013 and still exists in various forms today. Cryptolocker works like this:

  • Cryptolocker reads and encrypts a file on a computer
  • Cryptolocker then overwrites the original file with the encrypted file
  • Cryptolocker holds onto that file and demands a ransom for the return of the file

But when Cryptolocker meets Comodo’s containment technology, any new, unknown file goes directly into Comodo containment. The results are devastating to Cryptolocker:

  • Cryptolocker tries to read and encrypt a file on a computer
  • Cryptolocker FAILS miserably… because, with Comodo Containment, malware can’t alter hard disk data–it can only alter a virtual hard disk which Comodo provides within containment
  • Cryptolocker’s failure means a safe and secure Comodo customer

Want to see and hear more about Comodo Containment? Watch this short video entitled “The Good, The Bad and The Ugly” https://youtu.be/Uq31kqKiQ4I
