Malware in the Wild: Evolving to Evade Detection
Advanced malware is behind many headline-grabbing data breaches, and untold others. It has evolved to elude detection by sensing its environment and, if anti-malware technology is detected, performing evasive maneuvers. Once it gains entry, the malware can lie dormant until the attacker chooses to strike. Malware has also developed symbiotic relationships, with one type facilitating distribution of another type that exploits the compromised system (for example, GoZeus and Cryptolocker).
Large organizations are responding with sophisticated security tools and threat response teams. In a never-ending digital arms race, cybercriminals have responded in turn by creating malware that can detect this new generation of security tooling and essentially behave benignly, or abort the mission, if it is about to be caught by a scanner.
In this presentation from SXSW Interactive 2015, I discuss new insights into the evolution of this class of evasive malware based on billions of files and URLs analyzed over a period of four years. I cover challenges to detection that industry and researchers currently face as well as recent research from Lastline Labs on the prevalence of sophisticated malware that hides in the Windows Kernel.
Enjoy! (You can also download the deck I used here.)