As F-Secure knows, cryptors are stubs of code including encrypted malware. The usual technique, searching for signatures from a long list, does not work because the signature is encrypted. The stub is relatively empty and might contain irrelevant code, thereby appearing innocuous to the scanner. Shouldn't any encrypted code in an application be a red flag in itself? What is F-Secure's policy on cryptors? If they aren't automatically blocked, will F-Secure add an option to do so?
... View more