17 Jan 2010
Dangers Of Virus Signature Checksum.
Malware authors are not stupid.
When they recognise that their creations have been blocked by a particular anti-virus, they look for ways around it so that their new creations slip past detection.
Staying ahead in the malware race is the first and foremost priority of a virus analyst. And when it comes to creating anti-virus signatures, it is important to know when and where not to write a checksum detection on the file.
Fake anti-virus malware is particularly notorious in this respect.
This group of malware authors writes a simple application to foil automated checksums. Some of these applications are simple in some respects.
Take, for example, the following 2 pieces of malware. Looking at their resources, it would appear at first sight that the icons of both pieces of malware are one and the same.
Source - Dangers Of Virus Signature Checksum | SophosLabs blog