There have been reports by Kaspersky (website here: http://www.kaspersky.co.uk) showing that the latest browser redirect threats are becoming more sophisticated and advanced, both in the stealth techniques they use to hide from the operating system and in the malicious activities they perform. To keep the virus hidden while it does its dirty work, virus creators are employing rootkits, which keep the virus code well concealed and unlikely to be detected by most traditional antivirus software.
A whole task force of antivirus engineers, tech gurus and other security enthusiasts has worked together to help the community remove browser redirects, one of the most common being the Google redirect virus. A recent post by Removing Malware (website here: http://www.removingmalware.org/
Moving forward, it is clear that the rest of 2012 is going to be a busy year for the antivirus industry. There are yet to be any clear players able to offer robust security against viruses such as the Google redirect. The biggest issue for them to overcome is the ever-changing virus code that the creators write, which means signature-based detection systems are normally ineffective against new strings (variants) of the virus. Vendors rely on the community to find new strings to add to their definition databases. So, what does this mean in terms of new advancements?
Heuristic-based detection has advanced over the past few years, and Kaspersky has a rather sophisticated engine that detects common browser redirects and many forms of the Google redirect virus. This focus is likely to mean that virus creators will have a harder time bypassing antivirus engines in the future and will begin to focus more on improving their viruses' stealth and the deployment of the virus payload.
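The two preceding paragraphs contrast signature-based detection, which breaks as soon as the virus code changes, with heuristic detection that looks at what the infection does. The following added example (not code from the original post, from Kaspersky, or from any vendor mentioned here) illustrates that difference on a deliberately small scale. It assumes hosts-file hijacking as the redirect mechanism, a common technique that the post itself does not describe; the hosts-file contents, the 203.0.113.x and 198.51.100.x addresses, and the signature database are all constructed for the example. The hash signature recognises only the exact sample it was built from, while the heuristic flags any search-engine hostname pinned to a non-loopback address, so a second variant with different addresses, spacing and comments is still caught.

```python
import hashlib
import ipaddress

# Constructed hosts-file contents standing in for two variants of a redirect
# infection (assumption: the infection rewrites the hosts file). Addresses are
# from the documentation ranges and are not real indicators.
VARIANT_A = """127.0.0.1 localhost
203.0.113.10 www.google.com
203.0.113.10 google.com
"""
VARIANT_B = """# Windows hosts file
127.0.0.1  localhost
198.51.100.7 www.google.com   # search
198.51.100.7 search.yahoo.com
"""
CLEAN = """127.0.0.1 localhost
::1 localhost
"""

# Signature database: the exact SHA-256 of the one sample analysts have seen.
# Any byte-level change to the sample (a new "string" of the virus) defeats it.
KNOWN_SIGNATURES = {hashlib.sha256(VARIANT_A.encode()).hexdigest()}

# Hostnames a redirect infection would want to control (constructed list).
SEARCH_DOMAINS = {"google.com", "www.google.com", "www.bing.com", "search.yahoo.com"}


def signature_match(content: str) -> bool:
    """Signature-based check: exact hash lookup against the definition database."""
    return hashlib.sha256(content.encode()).hexdigest() in KNOWN_SIGNATURES


def parse_hosts(content: str):
    """Yield (ip, hostname) pairs from hosts-file text, skipping comments and blanks."""
    for raw in content.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop trailing comments
        if not line:
            continue
        parts = line.split()
        if len(parts) < 2:
            continue
        try:
            ip = ipaddress.ip_address(parts[0])
        except ValueError:
            continue  # not a valid address, ignore the line
        for name in parts[1:]:
            yield ip, name.lower()


def redirect_heuristic(content: str) -> list:
    """Heuristic check: a search-engine hostname mapped anywhere other than
    loopback/unspecified is the observable effect of a browser redirect,
    regardless of which addresses or layout the variant uses."""
    findings = []
    for ip, name in parse_hosts(content):
        if name in SEARCH_DOMAINS and not (ip.is_loopback or ip.is_unspecified):
            findings.append(f"{name} -> {ip}")
    return findings


def scan(content: str) -> dict:
    """Run both checks so the results can be compared side by side."""
    return {"signature": signature_match(content),
            "heuristic": redirect_heuristic(content)}


if __name__ == "__main__":
    for label, sample in (("variant A", VARIANT_A), ("variant B", VARIANT_B), ("clean", CLEAN)):
        print(label, scan(sample))
```

Running the block shows the signature firing only on variant A, while the heuristic reports the hijacked hostnames in both variants and nothing for the clean file. A real heuristic engine scores many more behaviours than this single effect check, but the principle is the same: describing what the infection does generalises across code changes that a fixed signature cannot follow.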
Expect some news later in the year, along with statistics on browser redirects and how often they infect computers in both home and office environments. These viruses are lucrative for their creators but a downright annoyance for anyone who happens to get infected by one. Removing them can be quite complex and, in some cases, can require a complete format and reinstallation of the operating system.