Complex Malware

Malicious programs are evolving quickly in terms of their complexity and ability to conceal their presence on the system. Rootkits and code that infects and modifies system components, the main characteristics of today’s most dangerous and sophisticated threats, share the common goal of seeking to make themselves immune from eradication. It is often much easier to prevent infection by such threats in the first place than to try to repair the damage done to a computer that has already been infected.

The elusive rootkit
In December 2006, rumors began to circulate among rootkit researchers that someone had created and released an ‘absolutely undetectable’ rootkit, Rustock.C, which could not be detected on computers where it was active by any of the existing antivirus or anti-rootkit solutions. A long search for the ‘mythical rootkit’ yielded no result. As a consequence, any information about Rustock.C was treated as a joke in circles close to rootkit researchers. This continued until May 2008.

Bootkit: the challenge of 2008
The evolution of MalWare 2.0 causes a range of problems for the antivirus industry. The most important, in our opinion, is the fact that traditional antivirus solutions, which are based exclusively on the use of signature or heuristic analysis of files, are unable to reliably combat virus attacks.

ZeuS on the Hunt
Trojans in the ZBot family first appeared in 2007. Since their configuration is simple and they are easy to use to steal online data, ZeuS became one of the most widespread and best-selling of all the spyware programs available on the Internet’s black market.

Virus.Win32.Virut.ce
Virut.ce is one of the most widespread pieces of malware to be found on users’ computers. It infects executable files using the very latest techniques and that makes detecting and treating those files particularly difficult. The current means by which most malicious files are actively spread is server-side polymorphism. Infecting files is not as popular as it used to be about five years ago. This is largely because the level of file emulation has improved greatly. As such, you have to hand it to the authors of Virut.ce – they weren’t at all put off by the difficulties they faced in trying to infect executable files.

TDSS. Rootkit technologies
The TDSS rootkit first appeared in 2008. Since then, it has become far more widespread than the notorious rootkit Rustock. The rootkit’s malicious payload and the difficulties it presents for analysis are effectively similar to those of the bootkit. The bootkit (as its name suggests) infects the boot sector, ensuring that the malicious code is loaded prior to the operating system. TDSS implements the concept of infecting drivers; this means it is loaded and run at the very early stages of the operating system. This greatly complicates the detection of TDSS and makes removing it a serious challenge.

Black DDoS
Cybercriminals use a variety of bots to conduct DDoS attacks on Internet servers. One of the most popular tools is called Black Energy. To date, Kaspersky Lab has identified and implemented detection for over 4,000 modifications of this malicious program. In mid-2008 malware writers made significant modifications to the original version, creating Black Energy 2.
