Windows Defender aka Windows Security took 28 months to detect a malware installed on a Windows 10 PC
Over the years, Microsoft has been pushing Windows 7 and Windows 10 users to use its native anti-virus software called Windows Defender or Windows Security. But instances have proven that Windows Defender lags in performance, especially in detecting newer strains of malware and trojan. In yet another instance, a Redditor has reported how Windows Defender Security Center (WDSC) as it is called in Windows 10 new update, took 28 months to detect a keylogger installed on his computer.
The user made a thread on Reddit to share his experience. The images provided by the Redditor show that the keylogger was installed on his computer on 18th Jan 2018 and had been logging in all the keystrokes he made for a sum total of 18 months before it was spotted by Windows Security.
From the comments made by the Redditor, it seems he doesn’t have any professional anti-virus software on his computer and relies on Windows Security for scans. As you all know the Windows Security conducts background scans for malware, trojans, and other viruses every time we log in. The same happened with the Redditor’s computer but Windows Security failed to identify and detect the malware for a whole 18 months.
Yesterday, out of blue the Windows Security panel detected the malware and notified the user.
The Windows Security detected and identified the keylogger from the HackTool:Python/Keylogger.A malware family. Microsoft claims that Windows Security tools are able to identify this keylogger but apparently the software failed to detect it. The keylogger itself is a very basic piece of malware designed to record the keystrokes made by the victim.
Many users on Reddit wondered why now after 18 months. The answer could lie in the fact that Microsoft has updated the Windows 10 PC/laptops with many fixes only a week before and it could be that the malware library may have been updated in this update.
Others are guessing whether the original poster himself installed the keylogger because it doesn’t seem from the thread that he is unduly worried about the keylogger recording his every move for almost a year and a half. However, many others confirmed that Windows Security is bad at detecting malware.
Still hasn’t detected my Powershell key logger that I wrote a year ago and malware bytes only caught the output file, which it caught because it was named “keylog.txt”. Once I changed the name of the output file, Malwarebytes didn’t care about it anymore.
A user on Reddit
One reason could be Windows Security depends a lot on signatures. Newer malware often doesn’t have a signature, which makes it difficult for Microsoft’s native AV software to detect it. Whatever the case, Windows Security aka Windows Defender aka Windows Defender Security Center (WDSC) sucks.