On Friday, November 27, 2015 at 8:45:15 PM UTC+8, David H. Lipman
>
> The second was "Cryptex Reborn" where you can get the malware binary
> crypted. Then you can scan the file again without the file being submitted
> to anti malware vendors. Once that malware binary was shown to no longer
> have detections, it was released into the wild.
This raises indirectly the issue of whether, if you have a new .exe file, how you can have it submitted to anti-virus vendors to put it on their "clean" list....I once did this for some program I released free, and after a week or so I got a 'nothing bad with this software' green icon when presenting it to some online 'is this software good or malware' site (details escape me, it's been a few years).
Also Visual Studio 2015 has a built-in function where you can submit your proposed program to Microsoft's 'Store' (sic, not sure that's their name, but I think it is) and have it vetted as 'clean' and/or 'approved' or not.
In short, it seems that polymorphic virus/badware is alive and well, but the internet has moved to a more 'AOL'/'gated community' model where only approved software is sold, and most people don't click on attachments anymore.
PS--topic for another thread, but I still haven't understood how a browser visiting a malware site can infect your PC...I'd like a tutorial on how this is done, maybe high-level, but something a bit technical. I have seen SQL injection attacks explained and buffer overflows but that's about it.
RL
--- NewsGate v1.0 gamma 2
* Origin: News Gate @ Net396 -Huntsville, AL - USA (1:396/4)