Malware That Protects Itself From Being Detected By Both Debugging And Network Scanning Techniques

There has always been a constant race between the white hats and the black hats in the computer security community. It is like the old comic that you would see in the back of old issues of Mad magazine. The comic was called Spy versus Spy. In it, two spies, one dressed in white and the other dressed in black, would go head to head against each other. They would find new weapons to attack each other with. Each new weapon would be bigger and better than the opposing spy's. It would finally get to the point where the weapons were so out there and so insane that the opposing spy would be killed in some insane manner by the new crazy weapon. This is not unlike the cyber war that goes on today.

In the cyber war on the internet, you see something new all of the time that you would never have seen even just a few years ago. With the processing power of computers going up and people having more memory in their systems than ever before, you are seeing the bad guys come up with techniques that are far bolder than in the past. They have more power and more room to operate, and so they are taking advantage of it. They do not plan on quitting their job anytime soon, so they have to be able to innovate.

Innovation is very important in the life of a malware writer these days. Even though it seems like there is malware all over the place, the reality is that our computers have never been more secure. We have more security software and more security techniques than ever before. This means that your system has a lot of protection on it that it would never have had just ten years ago. The problem is that since it is much harder to write malware these days, the bad guys have to get smarter people to do it. Or they themselves have to be smarter if they are a one-man operation. Yes, there are cyber gangs these days, and some are backed by real-life criminal organizations, so do not think that you are only going up against some geek in the basement.

Just recently, reports have been leaking of a new type of malware that is hitting Facebook. In particular, the malware is targeting Facebook applications. While this is not the first time that a piece of malware has targeted Facebook, what is different this time is that the malware cannot be detected by the normal means. Professionals have not been able to see it until recently because it did a good job of covering its tracks. You cannot detect the malware by using a professional's traditional means, such as a debugger or network analysis. That is because the malware has been encrypted. It is able to fool all of the usual tools that would normally have detected it. It has finally been discovered, but it took a lot of hard work and a lot of outside-the-box thinking.

We are going to start seeing more and more of this. The bad guys are not just going to sit still and watch the good guys stop them. They are going to come up with more ways to bypass the systems that are in place. It is going to be an eternal war between the two.

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.

Comments

  1. Malware writers are indeed getting smarter and finding new ways to do things. Encrypting it is just one more way for them to not only hide it, but it also makes it harder to take a close look at it so a defense can be set up against it. It seems the good guys will always be a step behind; that's why keeping security programs updated is so important and using a layered defense is a good idea.
