Home > Security Channel News > Malware writers use anti-malware techniques in stealth attacks
Security Channel News:
EMAIL THIS

Malware writers use anti-malware techniques in stealth attacks

By Staff
19 Oct 2006 | SearchSecurity.com

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

As they've shifted from mischief to larceny, malware writers have become more stealthy – seeking to infiltrate a server or PC with a rootkit that can lay doggo while collecting passwords, customer records and other data.

More security resources for VARs and consultants
Building a firewall architecture: Step-by-step guide 

Implementing third-party patches on customer systems 

Two techniques currently in vogue play off the antivirus efforts of sysadmins. One is the use of virtual machines (VM), which the good guys use as honeypots to collect and then observe the activity of bits of malware. Some viruses now have the ability to check to see if it is running in a VM or on the actual operating system. Viruses that find themselves in a VM shut down, delaying detection and analysis, and giving other instances of the virus a better chance to propagate.

The other trick is to have the virus check to see if it is attached to a debugger by checking the amount of time it takes virus code to run. Too much of a delay is an indicator a debugger is in action, which shuts the virus down.

Security managers are also on the lookout for a more insidious technique – using a virus that has infected a VM to escape and infect the actual operating system – though that technique is still theoretical.

Read the original version of this story at TechTarget's SearchSecurity.com.



Tags: Malware protection and defense strategiesSpam, antispam and phishingVIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED CONTENT
Malware protection and defense strategies
Smartphone security software market shows strong potential for channel
Trend Micro's Worry-Free Business Security 6.0 extends partner opportunities
SenSage tapped to participate in McAfee's Sales Teaming Program
Agilex partners with HBGary to offer security forensic, assessment services
What is the future of antivirus or antimalware software?
Checklist: Five steps to assessing a customer's antivirus protection
Top security book excerpts of 2007
Virtual honeypots: Tracking botnets
Tracking botnets
Defending against bots

Spam, antispam and phishing
SonicWall to offer cloud-based antispam service
Book Chapter: Web hacking
What is the future of antivirus or antimalware software?
Common injection attacks
Checklist: Top five security assessment tools
Penetration testing tutorial for service providers
Nmap Tutorial: An introduction for VARs and security consultants
Open source spam management for Outlook: SpamBayes
Combating Dynamic Code Obfuscation
Email security appliances that fight phishers and spambots

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary

HomeNewsTopicsITKnowledge ExchangeTipsMultimediaWhite PapersBlogsEvents
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2006 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts