GOzues

Discussion in 'Computer Security' started by zxspectrum, Jun 2, 2014.

  1. zxspectrum

    zxspectrum Terabyte Poster Forum Leader Gold Member

    I caught this on ITV, New malware 'nearly impossible' to wipe out - ITV News

    and was wondering what your thoughts are and what, if anything, besides what they advise on ITV, your response will be?

    Eddie
     
    Certifications: BSc computing and information systems
    WIP: 70-680
  2. Monkeychops

    Monkeychops Kilobyte Poster

    Response would be business as usual, arguably no different to other malware that's out in the wild.

    It's just yet another 'thing' to deal with if you're involved in enterprise security, where you hopefully have plenty of lovely layers of controls in place to try and help mitigate something like this.
     
  3. dmarsh

    dmarsh Petabyte Poster

    Decent malware has always been nearly impossible to spot.

    Shellcode can be as little as 200 bytes, try finding that amongst terabytes, and that is without considering rootkits.

    Encrypting or compressing data to fool 'deep-packet' inspection is trivial in most cases.

    It's Game Over Zeus, you know, the Greek god.
     
    Last edited: Jun 2, 2014
  4. Monkeychops

    Monkeychops Kilobyte Poster

    Exactly, hence why this will make little to no difference to people in the grand scheme of things.

    Identifying malware itself is getting harder and more complex; it's something that needs to be complemented by or even driven by other methods such as anomaly detection or behavioural characteristics.

    Given the right tools malware can be spotted and stopped, but it's not necessarily easy (or cheap!) to do it very well.
     
