Sunday, June 03, 2012

Hide in plain sight

Wired article on why the antivirus experts missed the big three viruses:
The fact that the malware evaded detection proves how well the attackers did their job. In the case of Stuxnet and DuQu, they used digitally signed components to make their malware appear to be trustworthy applications. And instead of trying to protect their code with custom packers and obfuscation engines — which might have drawn suspicion to them — they hid in plain sight. In the case of Flame, the attackers used SQLite, SSH, SSL and LUA libraries that made the code look more like a business database system than a piece of malware.
Sounds like Poe's "The Purloined Letter", which was hidden in plain sight but missed.
