GFI Apologise To Samsung Over False Keylogger Claims

Samsung was reported by Computerworld’s sister publication, Network World. In the report, Mohammed Hassan, an IT security consultant in Toronto, claimed that he had found a keylogger called Starlogger in a couple of brand new Samsung laptops they had purchased in Canada.

On March 31, 2011, it was claimed the false alarm on Samsung keyloggers.

Alex Eckelberry, who is general manager of GFI Security, a maker of e-mail and Web security products, said “I was really interested in the story. I thought if someone had found a keylogger, that’s pretty hardcore,”

The truth is that Samsung wasn’t secretly installing keyloggers on its systems, but that GFI’s security software, VIPRE, was mistakenly reporting that the laptops contained the malware. VIPRE is technology that was developed by Sunbelt Software, a company GFI purchased last year.

In the keylogger reporting article, the security program VIPRE was used and mistook a folder created by Microsoft’s Live Application for a key logging software, during a virus scan. The directory that caused the confusion was C:\WINDOWS\SL. While that is the Slovenian language directory for Windows Live, it is also the directory path used by the Starlogger keylogger. So when VIPRE encountered the SL directory on the Samsung laptops, it automatically flagged it as Starlogger, Eckelberry said.

After investigating the claims, it was said that the allegations were false.

“I want to emphasize ‘rarely’, as these types of detections are seldom used, and when they are, they are subject to an extensive peer review and QA process,” Eckelberry wrote, while apologizing to Samsung and the researcher who reported the problem.

Though folder path detections are fairly commonly used by many anti-malware products, the practice is generally frowned upon because of the potential it holds for generating false positives — as happened this time, he said.

“It’s such a rarely used detection method,” Eckelberry said. “To have this type of heuristic create the issue for us is a big embarrassment for us.”

More reading http://www.computerworld.com/s/article/9215396/GFI_apologizes_for_false_alarm_on_Samsung_keyloggers?taxonomyId=17

Share

Recent Posts

How to Remove Spyware from Mac: A Step-by-Step Guide

Spyware on Mac has become a growing concern for many users. Despite Apple’s emphasis on…

4 months ago

Top Security and Surveillance Apps for Mac: Enhance Your Mac’s Protection

Have you ever searched for a reliable security and surveillance app for your Mac? The…

4 months ago

WebWatcher Review – Website Watcher for Mac

Are you searching for a reliable monitoring tool for Mac? Look no further. In this…

4 months ago

Stealthmate Keylogger for Mac: A Simple Tool for Monitoring Macbooks

The Stealthmate Keylogger for Mac is a discreet tool that helps employers monitor employee activity…

4 months ago

How to Track a Stolen Mac Laptop with Spy Software?

Imagine the sinking feeling when you realize your Mac laptop is missing. It’s more than…

4 months ago

Best Monitoring Spy App for Mac

In this article, we focus on Easemon, the ultimate monitoring spy app for Mac for…

4 months ago