Home > All, Security News > I think I probably got that wrong – an apology to Samsung

I think I probably got that wrong – an apology to Samsung

Oops. I might need to offer Samsung an apology…

It sort of struck me that it’s a bit silly trying to install a known keylogger and expect to get away with it. So I started to ask a few AV companies if their software would detect the ‘Samsung keylogger’. First to reply was Kaspersky:

Yes, it detects it. But there’s no certainty at this stage that it has been pre-installed by Samsung.

Kaspersky referred me to the Samsung statement:

The statements that Samsung installs keylogger on R525 and R540 laptop computers are false.

Our findings indicate that the person mentioned in the article used a security program called VIPRE that mistook a folder created by Microsoft’s Live Application for a key logging software, during a virus scan.

The confusion arose because VIPRE mistook Microsoft’s Live Application multi-language support folder, “SL” folder, as StarLogger.
http://www.samsungtomorrow.com/1071

That actually makes sense. A genuine false positive is a far more likely culprit than an incompetent conspiracy.

Kaspersky

Just to demonstrate:

Firstly, the false positive from VIPRE

VIPRE

VIPRE recognising Windows/SL as StarLogger

And now AVG2011 correctly recognising the StarLogger keylogger:


The confusion is between WINDOWS/SL and WINDOWS/SL/WINSL.EXE

AVG

Categories: All, Security News
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s