Don’t believe to what they are trying to tell you: You can cloak a Malware with help of a special tool so it cannot be detected by Anti-Virus or similar Security Applications. The way to do it can be complicated (and requires good programming skills) or easy: By using a ready-made FUD Crypter.
Avoid Anti-Virus Detection
A FUD Crypter is basically changing the signature of an application. Anti-Virus-Solutions compare a files checksum with their internal database. If they find a match which points to a Malware entry, they “detect” the Malware. Basically. Because with some methods you can complete obfuscate these checksums.
AegisCrypter is one of the oldest FUD/Crypters on the market. It’s available for free as demonstration version, as a private edition (which can be accessed by a limited number of persons) or as a fully individual Unique edition. The Unique edition is the very best. After 3-5 days after a Aegis obfuscated Malware is spread they slowly start to detect it. 3-5 days of free passing all AV-Engines is a mighty feature!
More About Malware
Here are some good books about Malware. A recommendation for every professional:
Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software
Malware Analyst’s Cookbook and DVD: Tools and Techniques for Fighting Malicious Code
The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory
In the past 16 years I offer my services as professional penetration tester to various customers all around the world. I offer simulated Advanced Persistent Treat (APT) attacks as well. Feel free to contact me for more details about my services.