Members
  • Total Members: 14176
  • Latest: toxxxa
Stats
  • Total Posts: 42866
  • Total Topics: 16075
  • Online Today: 1580
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)









Post reply

Name:
Email:
Subject:
Message icon:

Verification:
Type the letters shown in the picture
Listen to the letters / Request another image

Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

shortcuts: hit alt+s to submit/post or alt+p to preview


Topic Summary

Posted by: Amker
« on: 25. August 2007., 16:46:45 »

This has got to be the worst case scenario ever! I have never seen such hacker geniality before. Malware creators have recently designed a new type of trojan called Prg. We all know trojans can't do much to a 
computer, and neither does this one, but it's great at stealing data. The really impressive part  is that it seems
impossible for any of the anti-virus developers to be able to take it down.

What this virus does is mutate, like the cyber-stuff you see in movies. It does not have a simple form, its code can modify itself so that no anti-virus can combat it. Whenever the code changes, though the virus does the exact thing every time, it is perceived as something the security software has not seen before so it can not properly identify it. And as you know, anti-viruses can't fight malware they don't recognize. It is clear that this trojan has not been created by a newbie and has not been designed using a classic template, rather its code is unique and made just for it, as eWeek tells us.

Now, on code mutations, the basic functions are the same, while code may change in two ways. One thing Prg can do is simply add some bogus code to itself, operation that will do absolutely nothing, but that will change the way the whole code looks like. In techie tongue, these are called "null operations". But this is not its only feature – it can also compose code by itself, for example, it "knows" several ways of getting to the same result, therefore, it can create many functions (either simpler or more complicated) that will get to the same results, as has been disclosed by SecureWorks expert, Don Jackson.

One thing that we know for sure is that this Trojan has infected a lot of job search sites. Just think about it, rather than convincing users trough spam to click on links and all that complicated stuff, they just infect websites from which they are bound to get a lot of information from all of the users, not just from gullible ones that click on dubious links. According to eWeek, the victims are infected through the very adds on the job search sites and then the trojan just phishes the data, close to 50.000 being affected by Prg by now.

This has simply astonished me, and I wonder if the virus can run out of ways of modifying its code so that it may be finally repelled. In any case, I can't wait to see how security experts are going to deal with this!
Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising