Microsoft Security Essentials is amongst the most popular Windows virus scanners but scores low on detection of malware that tries to steal money from bank accounts, according to security researchers from MRG Effitas. They tested Security Essentials with 300 banking trojans that were found “in the wild”.
Banking trojans are malware specifically designed to steal data for internet banking. With the stolen data, cybercriminals can make fraudulent payments, e.g. to their own bank accounts. The banking trojans often are also able to steal other data, like Paypal and social networking login data. Of the 18 tested antivirus applications, only 5 detected all malware. Microsoft Security Essentials didn’t detect 38 of the 300 malware samples (87.3%), followed by ThreatTrack Vipre (95.3%) which missed 14 samples. The percentages indicate the detection rate.
MRG Effitas also performed a botnet-test in which they tested how well virus scanners detected “droppers” of financial malware. Droppers are malware components designed to “install” some sort of malware (virus, backdoor, etc.) to a target system. Droppers are created with “malware builder kits” which allow cybercriminals to easily develop malware, well known examples are PowerZeus, SpyEye and Citadel.
The researchers used several leaked malware builders to make their own malware examples and subsequently scanned them with the tested virus scanners. Security Essentials detected all of the malware samples while F-Secure missed 2 out of 3 malware samples.
The last test the researchers conducted was performed with a malware simulation in which they simulated different kinds of malware attacks. Only 8 of the antivirus scanners were able to detect the two performed attacks.
Kaspersky Internet Security, Quarri POQ, Webroot SecureAnywhere and Zemana Antilogger were certified by MRG Effitas based on the these test results.