Русский   Home

Is DWX malware?

No. DWX is malicious no more than a hammer, with which you can damage something as well as repair. It makes a script writer more powerful, providing access to DLL functions and to process memory, but it doesn't decide what that writer does with them. Some scripters have decided to do bad things and damaged DWX's reputation.

On the Internet, you can find articles explaining the inner workings of some trojan and ransom scripts that make use of DWX. However, there is nothing in those articles about the harmful activity of DWX itself. Why? Currently 15 to 20 antivirus scanners detect it as a threat. What prevents researchers from seeing its malicious actions? The answer is obvious: DWX doesn't do any harm to the system it runs on. That's why its harm is so hard to discover.

Why, then, do antivirus scanners detect it? Maybe because it's hard for them to detect malicious scripts themselves. Scripting code can be changed easily, but DWX doesn't change much. So it makes sense to look for it.

Taking into account its possible malicious use, I think it's actually not bad that DWX is detected by antiviruses. If you don't remember ever installing it on your system and yet it's there, that implies some hidden activity that you'd better be aware of.