Free Republic
Browse · Search 		News/Activism
Topics · Post Article

To: Calpernia

Wednesday, July 14, 2004

Worm tries to foil anti-virus researchers

Gregg Keizer, TechWeb News

A new worm tries to slip past anti-virus researchers by shutting down their debugging tools, a security firm said this week.

Atak, which was discovered Monday [US], attempts to terminate any debugger, the tool researchers use to probe virus and worm code they've captured.

"It's really just a lame attempt to stop people who are tying to research it," said Patrick Hinojosa, the chief technology officer of Panda Software. "But any researcher worth his salt will blow right past that."

Although not a serious threat, Atak is another example of how hackers try to complicate the lives of anti-virus researchers.

For instance, numerous worms now include code that tries to shut down specific anti-virus and firewall products, and in years past, viruses "armoured" themselves against probing by making it difficult for debuggers to even open the payload file.(snipped)

http://www.itnews.com.au/storycontent.asp?ID=9&Art_ID=20535


1,731 posted on 07/13/2004 10:28:31 PM PDT by Honestly (There is nothing so likely to produce peace as to be well prepared to meet the enemy.)
[ Post Reply | Private Reply | To 1720 | View Replies ]

To: Honestly

>>>>A new worm tries to slip past anti-virus researchers by shutting down their debugging tools, a security firm said this week.

Yup. I don't think it is new. I've noticed I've been victim to these things 6 months prior to any "New" announcements :(


1,737 posted on 07/13/2004 10:43:38 PM PDT by Calpernia (Innocence seldom utters outraged shrieks. Guilt does.)
[ Post Reply | Private Reply | To 1731 | View Replies ]

Free Republic
Browse · Search 		News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson