Attackers Evade Detection Using New Method
March 2nd, 2007Further exposing the weaknesses of signature-based detection, cybercriminals have developed a new method to hide malicious code to evade detection.
Called dynamic code obfuscation, the method alters virus code using a different set of functions, parameter names and encryption keys for each user! For example, if two people visit a malicious Web site at the same time, each person will get a different encrypted or obfuscated code, generated on the fly.
“Security vendors that post security updates to their customers will need to theoretically create millions of signatures for their customers.”
– Yuval Ben-Itzhak,
Chief Technology Officer, Finjan Inc.
Article: “Attackers hide malicious code using new method“
March 4th, 2007 at 8:47 pm
[...] This week’s security alerts include malware targeting security software and malware authors using encryption and code obfuscation to defeat signature based defenses. [...]
March 29th, 2007 at 9:29 am
All the more reason to use use deny-by default, trusted systems that prevent unauthorized actions by any malware.
External threats are increasing exponentially.
April 25th, 2007 at 3:33 pm
Speaking of security absurdities:
“Total malware volumes grew “dramatically” during the first three months of 2007 as the majority of malicious code writers began targeting the web, new research warned today”
http://www.vnunet.com/vnunet/news/2188497/total-malware-volumes-grow