English Deutsch Español Français Italiano Portuguese Čeština Ελληνικά 中文(简体) 中文 (繁體) Tiếng Việt 日本語 ภาษาไทย Русский Български Nederlands Polski Svenska Norsk Dansk Suomi

McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

Compatible with Windows 7

Works with Windows Vista

SPAMfighter is

Microsoft Gold Certified Partner

Finjan Calls for Caution Against Obfuscated Code

In its report titled "The Malicious Page of the Month", security firm Finjan reveals that one desktop computer at a company (name not disclosed) was infected by an information-stealing Trojan. Furthermore, the attack was successful as the company's Web filters and anti-virus software could not recognize the scrambled attack code.

Security researchers state that obfuscating a malicious code on legitimate Websites and disguising the normal variables that form a signature solution is now the most frequently employed technique of attack. Obfuscation could be used as a simple encryption to layered program in a malware design. The objective is to disguise the malware to such an extent that the anti-virus systems either miss it or neglect its presence.

Besides, the researchers stated that insertion of malware into an authentic Website fulfils two purposes of the cyber crook. The first is that an authentic site receives more traffic; thus, raising the infection rate. The second relates to most filters allow the site to be visible, implying that whenever a file is downloaded, it is likely penetrate the preventive firewalls that content filtering devices use.

Meanwhile, in an acknowledgement, anti-virus companies, including Symantec, which owns SecurityFocus, said that the powerful obfuscation of attack code makes it much harder to maintain software protection appliances. Last year (2007), the aggregate number of variants of computer viruses climbed to half a million, over a double of the preceding year, because cyber criminals employed obfuscation tactics to create multiple attacks from a single computer virus.

Furthermore, the security agency discovered that 80% of the malware it confronted online had been obfuscated.

Apart from this, the firm also indicated that the employment of powerful code obfuscation continues to attain newer degrees of attack sophistication and prevalence on the net. It has also become the criminals' weapon-of-choice as it effectively bypasses the conventional signature-based solutions.

However, for the case that Finjan has presented, the actual protection is patching. Since the Trojan exploited security flaw in the Web browser, using appropriate patches can be the only solution to fix the flaw.

» SPAMfighter News - 15-11-2008

Bookmark and Share
Twitter Facebook RSS

SPAMfighter box shot

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail and Thunderbird

Optimize Slow PC

Optimize your Slow PC for better performance. Try FREE scan now

Exchange spam filter

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial

 

Spyware remover

Remove Spyware with SPYWAREfighter - Free 30 days trial


anti virus

Antivirus software for your Windows PC - Free 30 days trial

<<<>>>