|17 Jan 2010||#1|
| || |
Dangers Of Virus Signature Checksum.
Malware authors are not stupid.
When they recognise their creations have been blocked by a particular anti-virus, they resort to finding ways around it so that their new creations would slip through the detection.
To stay ahead of the malware race is the first and foremost priority of a virus analyst. And when it comes to creating anti-virus signatures, it is important to known when and where not to write a checksum detection on the file.
Fake anti-virus malware are particularly notorious in this respect.
What this group of malware authors do is write a simple application to foil automated checksums. Some of these applications are simple in some respects.
Take for example, the following 2 pieces of malware. Looking at their resources, it would appear at first sight that the icons of both pieces of malware are one and the same.
Dangers Of Virus Signature Checksum | SophosLabs blog
|My System Specs|
|Similar help and support threads for2: Dangers Of Virus Signature Checksum.|
|CMOS Bad Checksum||General Discussion|
|The dangers of open wireless networks........||Security News|
|Dangers of Overclocking?||PC Custom Builds and Overclocking|
|The potential dangers of Microsoft's secret patches||News|
|The Dangers Of Freebies.||Security News|