Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Parasitic IT viruses re-invented to lurk in host files.

Network Box : 11 April, 2008  (Technical Article)
A re-emergence of a form of virus which occupies spaces in existing files has been discovered by Network Box.
The security industry is witnessing a resurgence of parasitic malware, according to managed security company, Network Box. There is an increase in the old technique - whereby malware is added to existing files on a system - is being adapted by blackhats to create a new breed of increasingly-sophisticated viruses.

Network Box claims that one of the main reasons hackers have reverted to this old technique is because of a shift in their motivations from kudos and notoriety to financial gain, making it crucial for them to evade detection rather than draw attention to their activity. This has prompted them to adopt a number of insidious tactics, such as rootkits, P2P file sharing, drive-by download exploits and plausible graphics in order to increase infection rates.

Many types of files lend themselves to parasitic malware. Ideally, the requirement is that there is enough 'empty' space in a file for the blackhat to hide his/her code. The technique is sufficiently mature that moving code and data segments within a file is not problematic, allowing larger Trojans to be installed.

There is some encouraging news, however. Despite hackers' best attempts at covert code, they invariably leave behind clues that indicate malevolent activity, such as modified registry entries, new file types and increased file sizes.

Simon Heron, Internet Analyst, Network Box, says: "A hacker reverting to parasitic malware is akin to a film director re-inventing a genre - they each take an old, established technique and mix it with something new to create something fresh and effective.

"Parasitic malware is set to continue well in to 2008, and it's likely to become harder and harder to detect. Fortunately, hackers usually leave something behind in their coding that will allow security professionals to pick up the scent.

"The ultimate goal of any blackhat will be to hide their malicious activity so comprehensively that it cannot be discovered. By no means any easy task, but one that they will undoubtedly pursue."

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo