Malicious Code Packing Ups Security Arms Race Ante

Attackers packing, or compressing, malicious code to make it more difficult to detect and analyze may have to invent a new technique to smuggle their wares inside the corporate gateway.

Encryption, compression and other code modifications are making it harder to analyze malicious code, which ultimately increases the challenge of protecting systems against malware, said Lenny Zeltser, a volunteer handler at the SANS Internet Storm Center and the information security practice leader at Gemini Systems in New York. "It seems that virtual machine detection is gaining popularity among malware authors, as part of other self-defense techniques, such as detecting the presence of a debugger and other malware analysis tools," he said.

Source: Security Feed blog, CSO Magazine

Linked by shanmuga Wednesday, 22nd November 2006 2:12AM