And just when you thought it couldn’t get worse, the bad guys learn that encryption is a great way of hiding their payload: hiding it from real-time protection and making you think the computer is clean when it is in fact infected. At this point, you might be wondering what the solution is. There isn’t one. At least, not a solution that will protect you from getting infected. More on that later. First, I want to start by explaining what, in this context, encrypted malware is.

If you came here thinking this was an article about ransomware, then I am sorry to have to tell you that it isn’t. At least not specifically. Neither is this about malware that uses SSL to encrypt traffic. Again, at least not specifically. This article will focus on malware that is itself encrypted in order to avoid detection. The focus will not be on what the actual payload is, but rather on how encryption is used to evade real-time protection, which is the main defense for most users. I also want to touch on how we currently try to fight it and why this will keep being a problem with the current solutions.