

Discussion in 'Computer Security' started by zxspectrum, Jun 2, 2014.

  1. zxspectrum

    zxspectrum Gigabyte Poster Premium Member

    I caught this on ITV, New malware 'nearly impossible' to wipe out - ITV News

    and was wondering what your thoughts are and what, if anything, besides what they advise on ITV, your response will be?

    Certifications: BSc computing and information systems
    WIP: 70-680
  2. Monkeychops

    Monkeychops Kilobyte Poster

    Response would be business as usual, arguably no different to other malware that's out in the wild.

    It's just yet another 'thing' to deal with if you're involved in enterprise security, where you hopefully have plenty of lovely layers of controls in place to try and help mitigate something like this.
  3. dmarsh

    dmarsh Terabyte Poster

    Decent malware has always been nearly impossible to spot.

    Shellcode can be as little as 200 bytes, try finding that amongst terabytes, and that is without considering rootkits.

    Encrypting or compressing data to fool 'deep-packet' inspection is trivial in most cases.

    It's Game Over Zeus, you know, the Greek god.
    Last edited: Jun 2, 2014
    Certifications: CITP, BSc, HND, SCJP, SCJD, SCWCD, SCBCD, SCEA, N+, Sec+, Proj+, Server+, Linux+, MCTS, MCPD, MCSA, MCITP, CCDH
  4. Monkeychops

    Monkeychops Kilobyte Poster

    Exactly, hence why this will make little to no difference to people in the grand scheme of things.

    Identifying malware itself is getting harder and more complex; it's something that needs to be complemented by or even driven by other methods such as anomaly detection or behavioural characteristics.

    Given the right tools malware can be spotted and stopped, but it's not necessarily easy (or cheap!) to do it very well.
