Hello guys,
correct me if/where I am wrong but, as far as I have read, the infection starts only
Quote:
|
if the user executes programs stored on the pandemic file server.
|
It seems to me unlikely that one
runs an executable directly on a remote share (are there scenarios where this actually happen?), I would copy it to my local machine beforehand and the executable is modified while copying (in order to run the remote program, its bytes must be actually trasferred to the target system's RAM).
In this case, couldn't a so-called antivirus detect the malicious activity as usual?
Maybe the "news" stays in the method itself not quite in the risk
Thanks and Regards,
Tony