Finjan Calls for Caution Against Obfuscated CodeIn its report titled "The Malicious Page of the Month", security firm Finjan reveals that one desktop computer at a company (name not disclosed) was infected by an information-stealing Trojan. Furthermore, the attack was successful as the company's Web filters and anti-virus software could not recognize the scrambled attack code. Security researchers state that obfuscating a malicious code on legitimate Websites and disguising the normal variables that form a signature solution is now the most frequently employed technique of attack. Obfuscation could be used as a simple encryption to layered program in a malware design. The objective is to disguise the malware to such an extent that the anti-virus systems either miss it or neglect its presence. Besides, the researchers stated that insertion of malware into an authentic Website fulfils two purposes of the cyber crook. The first is that an authentic site receives more traffic; thus, raising the infection rate. The second relates to most filters allow the site to be visible, implying that whenever a file is downloaded, it is likely penetrate the preventive firewalls that content filtering devices use. Meanwhile, in an acknowledgement, anti-virus companies, including Symantec, which owns SecurityFocus, said that the powerful obfuscation of attack code makes it much harder to maintain software protection appliances. Last year (2007), the aggregate number of variants of computer viruses climbed to half a million, over a double of the preceding year, because cyber criminals employed obfuscation tactics to create multiple attacks from a single computer virus. Furthermore, the security agency discovered that 80% of the malware it confronted online had been obfuscated. Apart from this, the firm also indicated that the employment of powerful code obfuscation continues to attain newer degrees of attack sophistication and prevalence on the net. It has also become the criminals' weapon-of-choice as it effectively bypasses the conventional signature-based solutions. However, for the case that Finjan has presented, the actual protection is patching. Since the Trojan exploited security flaw in the Web browser, using appropriate patches can be the only solution to fix the flaw. » SPAMfighter News - 15-11-2008 | SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail and Thunderbird Optimize your Slow PC for better performance. Try FREE scan now SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial
Remove Spyware with SPYWAREfighter - Free 30 days trial |
| <<< | >>> |















