Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for November 28th, 2009

Malware Stego With Proper English

with one comment

Hackers could evade most existing antivirus protection by hiding malicious code within ordinary text, according to security researchers.

One of the most common ways of hijacking other people’s computers is to use “code-injection” attacks, in which malicious computer code is delivered to and then run on victims’ machines. Current security measures work on the assumption that the code used has a different structure to plain text such as English prose.

Now a team of researchers has highlighted a potential future theatre in the virus-security arms race by working out how to hide malware within English-language sentences.

Though this is a hard exploit to pull off because of all the groundwork that needs to go into it, it is a novel approach for say, a nation state actor such as China to try huh? Of course they would have to work a bit harder at using English properly and not go for the pidgin English that they are known for now in coding sites and malware at times. Imagine just getting infected from a grammatically correct http page on the internet eh?

This exploit would be classic steganography though. Lets see if this exploit shows up somewhere in the future….

“English Shell Code”

Written by Krypt3ia

2009/11/28 at 12:48