Hack, Mutate, ReHack... and Repeat
November 2006
Mutate, fragment, hide: The new hacker mantra.
Hackers working for criminal gain are using increasingly sophisticated methods to ensure that the malware they develop is hard to detect and remove from infected systems, security researchers warned at this week's Computer Security Institute tradeshow in Orlando. The most popular of these approaches involve code mutation techniques designed to evade detection by signature-based malware blocking tools; code fragmentation that makes removal harder; and code concealment via rootkits. Unlike mass-mailing worms such as MS Blaster and SQL Slammer, most of today's malware programs are being designed to stick around undetected for as long as possible on infected systems, said Matthew Williamson, principal researcher at Sana Security Inc.
The goal in developing such malware is not to simply infect as many systems as possible but to specifically steal usage information and other data from compromised systems, he said. An increasingly popular way of attempting this is with the use of polymorphic code that constantly mutates. Many malicious hackers also now use "packers" to encrypt malware to evade detection.
Source: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9004967&source=rss_topic85