Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Security Programming IT Technology News

Stealing Data With Obfuscated Code 101

Posted by Soulskill
from the malware-arms-race dept.
Weblver1 writes "A recent report by web security firm Finjan shows how easily data can be accessed on PCs by malware which circumvents existing defenses. With the use of obfuscated code, antivirus software and static Web filters could not identify the scrambled attack code as a threat. The report walks through a real-life scenario of the infection process step-by-step, and tracks what happens to the stolen data. This demonstrates how stealing sensitive data has become unbearably easy — especially, given the abundance of easy-to-use DIY crimeware toolkits. Finjan's report is available here (PDF, registration required). Shortly after this report, Security firm RSA has released their findings of a huge amount of stolen 'virtual wallets' in one of the largest discoveries of stolen data from computers compromised by the Sinowal trojan. While the trojan can be traced back to 2006, it managed to become more productive over time with frequent variants. Given the scale, ease of use, and hiding techniques making infections extremely difficult to find, no wonder today's crimeware achieves such 'impressive' results."
This discussion has been archived. No new comments can be posted.

Stealing Data With Obfuscated Code

Comments Filter:

"What is wanted is not the will to believe, but the will to find out, which is the exact opposite." -- Bertrand Russell, _Sceptical_Essays_, 1928

Working...