AhnLab Security Center


Milestones of IT History: V3


In 1988, an antivirus(AV) software was born as a countermeasure against the Brain Virus. This software was developed to recognize, destroy and protect against the computer virus, hence named Vaccine. It was introduced in a time when the concepts of malware or antivirus were unfamiliar to the world. The advent of the antivirus software heralded the starting point of the enduring 29-year reputation of AhnLab V3 (hereinafter referred to as V3). 


AhnLab's AV product, V3, became widely known to the public in 1991 following its broad distribution. The name adopts the first letter of vaccine and the version number at the time. Even after the release of later versions, it was referred as V3 by the users, and thus has taken its stance as the flagship brand of AhnLab. The name has remained constant but V3 has been continuously evolving for 29 years in response to the drastic changes in the IT environment. Currently V3 is the umbrella brand of AhnLab and has spawned numerous offshoots for a multitude of purposes including, V3 Internet Security 9.0, V3 Endpoint Security 9.0, V3 Net for Windows Server 9.0, V3 Net for Unix/Linus Server, and also V3 Mobile Security and V3 Mobile Plus for mobile. 


This article presents the 29 years history of a V3 and introduce you to various features of V3 you should not miss.


29 years of Evolution: The history of IT along with V3 

Following the release of the Brain virus (1988), other viruses like the Jerusalem Virus, also known as Virus of Friday 13th (1989), and the Michelangelo virus (1991) emerged one by one. To keep up, AhnLab’s Vaccine also quickly evolved into VII Plus-V2 PLUS- and VIII which later settled as AhnLab V3. In fact, the wide-spread infection of the Michelangelo virus in April 1991 cement V3’s reputation and helped increase public awareness.

The initial V3 was designed against malware of the time. With the increasing numbers of malware, V3 underwent a cycle of technological innovation in order for it to react promptly to new threats in an evolving IT environment. In 1990s, V3 started as V3+, an AV software for DOS, which expanded to My V3, an online AV software and V3 Mobile for Palm, the early mobile AV software. In the early 2000's, AhnLab released V3 Internet Security 8.0, which cloud computing based AhnLab Smart Defense (ASD) technology was applied. In 2013, AhnLab launched a new version of an MDP based V3 called V3 Internet Security 9.0, a platform where different reputation-based or behavior-based analysis technologies were applied. In 2016, the use of decoy technology was added to V3 Internet Security 9.0 along with new features, such as Anti-ransomware Folder to combat against ransomware threats. 



[Figure 1] Main Changes in V3


2017 V3: What makes V3 different? 

The history of V3 reflects the major threats of a period. Inevitably, 2017 version of V3 is optimized for ransomware protection, which has been a major threat of this year. Not only that, V3 provides diagnosis and treatment for undergoing malwares such as spyware and Trojan horse. 

■ Ransomware protection by V3

WannaCryptor ransomware, also known as WannaCry, has infected more than 300,000 computers in more than 150 countries by exploiting the vulnerability of Server Message Block (SMB) in Windows OS. The scale of damages by WannaCryptor in Korea was relatively low, but new variants of WannaCryptor are constantly being discovered and there is a growing concern of similar attacks that exploit SMB vulnerabilities. Last May, AhnLab applied an Intrusion Prevention System (IPS) signatures to its V3 product lines to block all traffics that exploit SMB vulnerability. V3 can now diagnose and remove the existing WannaCryptor ransomware and also successfully respond to other types of attacks that exploit the vulnerability, including WannaCryptor variations.


Previously, in June 2016, AhnLab applied Decoy-Based Threat Detection to improve V3's ability to diagnose new or variants of ransomware. Decoy-Based Threat Detection uses a decoy to attract ransomware. It uses specific files or folders to detect and block malicious programs attempting to change encryption or names. It creates a decoy folder in the root directory. To minimize inconvenience of the users, these folders and files are invisible even show hidden files, folders, and drives of the PC’s folder option is set. Also, a feature was added to detect ransomware which uses multiple file modification. Most ransomware encrypts files and folders randomly after the infection but V3 detects these behaviors and provides effective response. 


V3 is in the spotlight for ransomware prevention due to its Anti-Ransomware Folder feature. Anti-Ransomware Folder feature completely prevents the modification and deletion of files or the creation of new files within this folder, making encryption of the files impossible even if the computer is infected. Another conventional method to prevent damage by ransomware is data backup. The process, however, can be both time consuming and tedious. Therefore, it can be said that V3's Anti-Ransomware Folder feature is an effective method to prevent encryption of your precious data with a click of a button. AhnLab is continuously strengthening the usability of this feature through user feedback.



[Figure 2] Screen of Anti-Ransomware Folder Settings


■ V3, competent and caring

V3 provides an intuitive UI as shown in Figure 3, so that the users can quickly and easily understand the security status of their computer. The main screen of V3 displays the computer’s status through a user-friendly color code: Blue for safe; yellow for attention; and red for at risk


However, there are some users unsure of what action to take if their V3 indicates a threat is present in the computer. Some users also found the in-depth diagnosis time consuming. For these cases, V3 provides Fix Now and Smart Scan feature.



[Figure 3] Main screen of V3 for different security status of the computer


V3's Fix Now button is available when the security status of a computer is raised to Attention or At Risk. When the user clicks the Fix Now button, V3 investigates to the reasons behind the status change, such as low engine version and disabled real-time scanning. Then these settings are automatically changed. In other words, the user can conveniently manage computer security against threats with one click of a button.


Users can also use V3's Smart Scan feature to detect and remove malware quickly and accurately. V3 is prepared against potential threats using the behavior-based or reputation-based detection, but unlike scanning the full system, Smart Scan reduces the time taken for scanning to alleviate the burden on users by selectively inspecting important folders, such as the process, booting area and the important systems. Users can run Smart Scan immediately from the home screen or from the tray icon in the taskbar below.


■ Must try features of V3

One of the security threats that have been consistently on the rise is pharming. Pharming is an attack tactic intended to redirect a website’s traffic to a falsified site where personal and financial information may be compromised. V3 provides Anti-Pharming feature to protect users against these attacks that continue to become more sophisticated every day. This feature detects malicious activities, such as DNS alterations, by using behavior-based detection technology, blocks user access to these sites and notifies this information to the user.


On top of security, V3 also provides several other features useful for general work and internet surfing. The most frequently used feature among the rest is System Optimization. There are many reasons, besides infections by malicious codes, which slow down your computer. For instance if the startup time or the Internet connection speed slows and lags, or if a program stalls, you can use V3's PC Optimization to improve your computer's performance.


This June, AhnLab plans to release an official patch to further improve V3's functions in detecting and treating malicious codes. AhnLab’s consistent efforts to strengthen its technology over the course of 29 years is probably the reason behind its occupancy of more than 60% of local AV market and expand to global market.