Quote:
Originally Posted by Freakin
A trojan designed to steal your wallet.dat isn't going to trigger heuristic detection.
Heuristics looks for triggers like obfustication, replication and filesystem overwrites. This is what viruses commonly do to infect your system. A trojan designed for bitcoin stealing will emulate a legitimate and useful program and will not be triggered by AV.
This is going to be a VERY big problem going forward.
Quote:
Originally Posted by TomCollins
I know exactly why. Maybe you should explain it. Your theory would make it seem like they would never need to perform updates since they could figure out anytime anyone was doing something bad.
Heuristic Detection is an effective way to locate unknown threats for the most up-to-date realtime protection, but there are downsides.
Obviously this sort of scanning and analysis can take some time, which may slow-down system performance.
The main concern with heuristic detection is that it often increases false positives. False positives are when the antivirus software determines a file is malicious (and quarantines or deletes it) when in reality it is perfectly fine and/or desired. Because some files may look like viruses but really aren’t, they are restricted and stopped from working on your computer.
Is Heuristic Detection Worth It?
Security professionals have come a long way with heuristic detection, and are still working to find the perfect balance that provides proactive protection without causing the hassle of false positives. They have also made the processes much faster by utilizing computer resources more effectively and utilizing better scanning technology.
We expect heuristic detection to continue to be dynamic and improve in speed, efficiency, and efficacy. For now, it is a good idea to utilize a security solution that includes heuristic detection methods. If you find they get in the way, you can usually turn them off anyways. But for utmost protection and truly proactive prevention, heuristic antivirus detection is definitely the way to go.
And now you know.