5

This question quite amazes me. I don't understand how antivirus companies get info about the latest viruses. Have they installed some kind of filters to monitor the internet traffic? Or are they purely dependent on sites like www.virustotal.com and similar? If that's the case, then why do some companies create a patch first, and other companies don't even know about that virus?

Please clarify.

Novice User

1 Answer

10

Various methods can be used:

  • Samples are sent in by customers
  • Malware detected by heuristic scanners (i.e. stuff that behaves like a virus) is further analysed
  • Mail blocked as spam can be analysed for malware attachments
  • "Honeypots", which are public servers or email addresses designed to collect malware
  • Going undercover in malware writers' communities

Graham Hill
  • Now I'm imagining new guys approaching malware communities having to do some "being evil" test before being accepted... – o0'. Mar 16 '14 at 09:16