The Ethical Hacker Network - Self-cloaking malware

Home

Calendar

Certifications

Latest Additions
MS Blue Hat Hackers Headline Chicago Security Con The Pen Testing Perfect Storm Webcast Series with Skoudis, Wright, Johnson The IDA Pro Book Column 0: Human Exploitation 101 Intercepted! Windows Hacking via DLL Redirection What the Splunk? Spiceworks Redux: Review of v3 Aug 2008 Free Giveaway Sponsor - ChicagoCon Maltego Part I - Intro and Personal Recon June 2008 Free Giveaway - Winner

EH-Net Login

Welcome Guest.

Lost Password?

No account yet? Register

Who's Online
We have 33 guests and 1 member online

EH-Net Donations
Enter Amount: $

Google Ads

ChicagoCon 2008f
ChicagoCon 2008f

EH-Net News Feeds
Latest Additions

Book Recommendations

You are here: Home

Forum

Columns

RichM

Self-cloaking malware

Ethical Hacker Community Forums

October 06, 2008, 06:02:04 PM

Welcome, Guest. Please login or register.
Did you miss your activation email?

News: Registration Now Open for ChicagoCon 2008f Oct 27 - Nov 2! Visit www.chicagocon.com.

Home

Help

Calendar

Ethical Hacker Community Forums > Columns > RichM (Moderator: don) > Self-cloaking malware

Pages: [1] Go Down

« previous next »

	Author	Topic: Self-cloaking malware (Read 1655 times)
0 Members and 1 Guest are viewing this topic.

RichM

EH-Net Columnist
Newbie

Offline

Posts: 49

Self-cloaking malware

« on: June 05, 2007, 07:05:59 PM »

I just read an article that is about malware that is brilliant and unbelievably frightening simultaneously. Basically, if an infected machine is told to go to a hostile site and it has (the machine) already visited the site, the ip address is used to filter the infected machine to a "benign" page.

It goes without saying how much more difficult this can make it to identify what exactly is happening on the target machine. The full article is here: http://www.vnunet.com/vnunet/news/2191298/hackers-turn-genre-evasive

If you don't mind the minor headache of having to temporarily allow scripts to run, I highly recommend noscript.net


	Logged

jimbob

Sr. Member

Offline

Posts: 296

Re: Self-cloaking malware

« Reply #1 on: June 06, 2007, 12:46:35 PM »

Malware authors are using more and more tricks to hide their tracks and block inspection by security professionals. Encoded malware, selective delivery based on the browser type and many other techniques are regularly employed.

It keeps us on our toes I suppose. Never a dull moment.

Jim


	Logged

Pages: [1] Go Up

« previous next »

Jump to:

Page created in 0.044 seconds with 22 queries.

Microsoft Blue Hat Hackers Headline ChicagoCon
Ethical Hacking Conference Oct 31 - Nov 2

Help spread the word!

Polls

Why a Career in Ethical Hacking:

	Money
	Intellectual Challenge
	People/Community
	It's just plain fun.
	It's one of the few growing fields in a bad economy.
	It's legit AND I get to feel a little dirty.

Support EH-Net

ChicagoCon 2008f

Support EH-Net by
Buying all of your
Amazon items using
the search bar above.

Try CBT Nuggets Free!

Recent Forum Topics

News Items and General Discussion About EH-Net : [Article]-MS Blue Hat Hackers Headline Chicago Security Con (0) by don
OSCP - Offensive Security Certified Professional : Next Up OSCP101 v2.0 (8) by KrisTeason
Hardware : Encryption (3) by RoleReversal
Hardware : Cisco Security (5) by scucci
Other : Holiday Ideas (2) by don
Career Central : Help Getting Started (3) by dalepearson
Network Pen Testing : Hack me? (4) by dalepearson
Career Central : information security future (2) by dalepearson
Career Central : Computer Science degree vs. anything else? (3) by dalepearson
Network Pen Testing : What info can be obtained just from IP (6) by shakuni
News from the Outside World : Chertoff Pushes for Einstein 3.0 Cyber Counterattack System (0) by don
Murray : [Article]-Column 0: Human Exploitation 101 (2) by Kev
Forensics : career in computer forensics (7) by BillV
Tools : ServifyThis (8) by ChrisG
Other : Exploit Questions (10) by ChrisG
Tools : Cain & Abel v4.9.23 Released (0) by don
Wireless : IP address (4) by shednik
Malware : New DOS Attack Is a Killer.. (from Dark Reading) (6) by RoleReversal
Malware : Whitehat rootkits to prevent theft? (13) by Kev
Wireless : need info about hackin (3) by zals_hacker7
Wireless : Elvis Comes Back from Dead to Prove RFID Passports Lack Security (0) by Fathercat
Other : What Security Podcasts? (5) by slimjim100
Tutorials : Alright... (11) by shednik
Other : HIPAA Equivalent in the UK? (1) by NickFnord
Tools : SysInternals Update (0) by RoleReversal

Vote For EH-Net

progenic.com
Click here to Vote!

Sadikhov.com
Top IT Cert Sites

binarica.com

technorati fave

ChicagoCon 2008f

Privacy Notice
for TDCC & All Properties

Joomla! is Free Software released under the GNU/GPL License.

ChicagoCon 2008f

ChicagoCon 2008f Support EH-Net by Buying all of your Amazon items using the search bar above. Try CBT Nuggets Free!

ChicagoCon 2008f

ChicagoCon 2008f

Support EH-Net by
Buying all of your
Amazon items using
the search bar above.

Try CBT Nuggets Free!