The Ethical Hacker Network - Self-cloaking malware

Home

Calendar

Certifications

Latest Additions

EH-Net Login

Welcome Guest.

Lost Password?

No account yet? Register

Who's Online
We have 30 guests online

Free Business and Tech Magazines and eBooks

You are here: Home

Columns

RichM

Self-cloaking malware

EH-Net

May 25, 2013, 11:03:15 AM

Welcome, Guest. Please login or register.
Did you miss your activation email?

News: Go back to The Ethical Hacker Network Online Magazine Home Page

Home

Help

Calendar

EH-Net > Columns > RichM (Moderator: don) > Self-cloaking malware

Pages: [1] Go Down

« previous next »

	Author	Topic: Self-cloaking malware (Read 6128 times)
0 Members and 1 Guest are viewing this topic.

RichM

EH-Net Columnist
Newbie

Offline

Posts: 49

Self-cloaking malware

« on: June 05, 2007, 07:05:59 PM »

I just read an article that is about malware that is brilliant and unbelievably frightening simultaneously. Basically, if an infected machine is told to go to a hostile site and it has (the machine) already visited the site, the ip address is used to filter the infected machine to a "benign" page.

It goes without saying how much more difficult this can make it to identify what exactly is happening on the target machine. The full article is here: http://www.vnunet.com/vnunet/news/2191298/hackers-turn-genre-evasive

If you don't mind the minor headache of having to temporarily allow scripts to run, I highly recommend noscript.net


	Logged

jimbob

Guest

Re: Self-cloaking malware

« Reply #1 on: June 06, 2007, 12:46:35 PM »

Malware authors are using more and more tricks to hide their tracks and block inspection by security professionals. Encoded malware, selective delivery based on the browser type and many other techniques are regularly employed.

It keeps us on our toes I suppose. Never a dull moment.

Jim