Patently Insecure

What if each anti-malware product were forbidden, by law, from implementing a list of effective methods for blocking known threats? What if hackers had free access to this list, so that they could program their malware to circumvent any anti-virus program they want? Worse still, what if the US Government was providing this list, free of charge, online?

When one anti-malware company files a patent on an effective method for blocking a known threat, every other anti-malware company is forbidden, by law, from implementing that method. As documented below, hackers literally program their spyware based upon this situation in order to effectively bypass any anti-virus program they want. Here’s how it works.

Trojan T9000

Trojan T9000 is a perfect case in point. Once you understand how it bypassed even the best antivirus apps, you will understand the legal limitations of all anti-malware (something your cybersecurity salesperson will never tell you).

Modern trojans, such as T9000, install themselves in stages. For example, Stage One of T9000 was a tiny piece of code that simply looked to see if any of the following security software was installed:

  • Sophos
  • INCAInternet
  • DoctorWeb
  • Baidu
  • Comodo
  • TrustPortAntivirus
  • GData
  • AVG
  • BitDefender
  • VirusChaser
  • McAfee
  • Panda
  • Trend Micro
  • Kingsoft
  • Norton
  • Micropoint
  • Filseclab
  • AhnLab
  • JiangMin
  • Tencent
  • Avira
  • Kaspersky
  • Rising
  • 360

Since the initial code is tiny and non-invasive, no security alarms are triggered at this stage.

In the next stages, Trojan T9000 loads additional code based upon the installed security packages. In other words, it chooses to load code that it knows will bypass the currently installed security system (since that code will only be detected by security systems that are not installed). Therefore, Trojan T9000, and all sophisticated trojans, can ensure that they load code that is undetectable to your chosen security software.

The law literally forbids security programs from implementing all known protections. Therefore, your chosen security platform will permanently remain vulnerable to attacks covered by other vendors’ patents. So what then can you do to protect yourself – even with this legal quagmire in place?


Because legal boundaries permanently limit the detection capabilities of anti-malware, you need a catchall backstop that prevents undetected trojans from accessing the internet.

By cutting off a trojan’s access to its command and control center, you keep your digital life safely out of hackers’ hands. Also, by setting up alerts for when these undetected trojans attempt to communicate, you will instantly know what device they are hiding in, so that you can take immediate countermeasures to get it removed.
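An added example (not from the original article or from Terra Security): one way to turn the log of a default-deny egress firewall into per-device alerts, so the device making blocked outbound attempts is named. The `EGRESS-DENY` log prefix, the addresses, and the three-attempt threshold are assumptions, and the sample log lines are constructed.

```python
import re
from collections import defaultdict

# Constructed sample: netfilter-style LOG lines from a default-deny egress rule.
# The "EGRESS-DENY" prefix and every address here are assumptions for this example.
SAMPLE_LOG = """\
Jan 12 03:14:07 gw kernel: EGRESS-DENY IN=br0 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.45 PROTO=TCP SPT=49822 DPT=443
Jan 12 03:14:37 gw kernel: EGRESS-DENY IN=br0 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.45 PROTO=TCP SPT=49830 DPT=443
Jan 12 03:15:07 gw kernel: EGRESS-DENY IN=br0 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.45 PROTO=TCP SPT=49841 DPT=443
Jan 12 03:15:09 gw kernel: EGRESS-DENY IN=br0 OUT=eth0 SRC=192.168.1.40 DST=198.51.100.7 PROTO=UDP SPT=5353 DPT=123
Jan 12 03:15:10 gw kernel: INPUT-DROP IN=eth0 OUT= SRC=198.51.100.99 DST=192.0.2.1 PROTO=TCP SPT=4444 DPT=22
Jan 12 03:15:11 gw kernel: malformed line without fields
"""

DENY_RE = re.compile(
    r"EGRESS-DENY .*?\bSRC=(?P<src>\S+) DST=(?P<dst>\S+) .*?\bPROTO=(?P<proto>\S+)"
    r"(?: SPT=\d+ DPT=(?P<dpt>\d+))?"
)

def blocked_by_device(log_text):
    """Map each internal source IP to {(dst, proto, dport): attempt count}."""
    devices = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        m = DENY_RE.search(line)
        if not m:
            continue  # lines from other rules and malformed entries are skipped
        key = (m["dst"], m["proto"], m["dpt"] or "-")
        devices[m["src"]][key] += 1
    return {src: dict(dests) for src, dests in devices.items()}

def alerts(log_text, threshold=3):
    """Devices that retried the same blocked destination `threshold` or more times."""
    out = []
    for src, dests in sorted(blocked_by_device(log_text).items()):
        for (dst, proto, dpt), n in sorted(dests.items()):
            if n >= threshold:
                out.append(f"{src} -> {dst} {proto}/{dpt}: {n} blocked attempts")
    return out

if __name__ == "__main__":
    for a in alerts(SAMPLE_LOG):
        print("ALERT", a)
```

The source address in each alert is the device to isolate and inspect; a single blocked attempt (the second device in the sample) is counted but stays below the alert threshold.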

This information was provided courtesy of Terra Security Inc.
