Governments Find Techniques to Combat Malware Attack on their Websites

As per recent reports, cyberpunks who target federal websites might very soon fall in the pit they dig for others. Soon, the governments will also be able to use the malware of hackers to retaliate. In fact, some governments have even started with this mission so as to stop malicious cyber attacks.

Reportedly, Andrzej Dereszowski, a security consultant, demonstrated his proof-of-concept (PoC) idea at Black Hat Europe Conference that was held from April 12 to April 15. The expert used reverse-engineering concept to execute his experiment.

His PoC used a buffer overflow vulnerability in malware. The bug was in a compromised PDF that was sent to a pharma firm.

The expert further said that he stared by assuming that in his research the PDF attacker had made use of a toolkit openly available on the Internet. He found this toolkit to be Poison Ivy Trojan toolkit, according to the statement published by darkreading.com on April 19, 2010. To carry out malware' static analysis, he broke into the obfuscated code in the notorious Trojan tool.

As per the reports, PoC was running in the virtual machine of Dereszowski, opposed to its own C&C (command-and-control) server.

He noted that using this approach, if someone needs to launch attack on the attacker's C&C server, theoretically a lot of damage could be made as one would enjoy complete access to their host. However, it also depends on what protections these attackers have in place.

The expert said that as far as there is an access to server and malcode of the attacker, the retaliation is applicable to other trojans as well, like the pervasive Trojan Zeus, as per the statement published by gcn.com on April 21, 2010.

To conclude, according to the expert, in actual terms, such an attack would definitely be unlawful for the victim firm to execute. So, the chief objective with which he conducted the research was to explain that one can use certain techniques to counterattacktargeted cyber attack which is already on progress. Moreover, this new research throws light on the option of at least identifying loopholes in the targeted attacks.

Related article: Government Sways in Fresh Data Breach Scandal

» SPAMfighter News - 5/3/2010