Most Malware Use File Packing To Escape Detection
It has been examined by Panda labs that 78% of new malware make use of file packing to avoid detection. File packing refers to minimizing the size of an executable file, usually through compression. Not only that, this software can also help the malicious files installed on computer to escape detection, making them even tougher to be traced by antivirus solutions.
As per Panda labs there are above 500 various kinds of packers available in the market, which could be used by the hackers. For example, the most frequently used is UPX seen in 15% of the malware detected. PE compact and PE are used in 10% of the malware detected.
According to the news by Help Net Security on June 5, 2007, technical director of Panda labs, Luis Corrons describes it as a stealth technique. He also added that the greater use of this software shows the eagerness and excitement of the hackers on their creation which is undetectable.
Generally, the cyber criminals blend these tools with various harmful files in one packer. This enables them to escape detection and also allow the deadly files to effectively download more viruses.
The Conycs.pa Trojan is the most prevalent code, which used packers in the past few months and also downloaded various codes viz. Clagge.G Trojan and Rinbot.Q Worm that's spread by misusing various Windows' mistakes.
According to the news by Networking News in the last week of May, Corrons said, these kinds of deadly codes prove to be more advantageous and simpler for hackers than the phishing attack. As the creators of malware do not need a hosting service to host the spoofed web page, there are minimum chances of detection and the hackers assure their success in the crime.
According to the news by Help Net Security on June 5, 2007, Corrons said that it becomes very difficult to distinguish between malware and good ware just by the packer as both are covered with legal programs. He also suggests that the mail should be checked before it reaches the system and the security companies should be capable to detect packed malware before the user uses it.
Related article: Most SMEs Suffer Due to Inadequate IT Security
» SPAMfighter News - 20-06-2007