donderdag 5 april 2012 22:07 Tom Decaluwé

Malware stealth, be aware of the trends

I have been on the IT security landscape for quite some time now and one of the things I have been facing more and more the past few months is discussions about how important anti-virus software is.

When you where in the IT security industry 10 years ago virus was the buzz word, they where vicious things that needed to be eradicated at the root.

However as time has progressed and technologies evolved viruses changed into Malware and where they used to be targeted at showing the world the code name of their creators and spreading the word, they are now made to be as stealthy as possible and live hidden in systems collecting data.

One of the most scary trends I have been seeing is the tendency of malware to be digitally signed sometimes with stolen certificates of highly trusted parties the most notorious one being stuxnet signed by JMicron and Realtek. It’s important for IT-pro’s to be aware of these trends so they know what to look for and can continue to keep their business executives and end-users on the alert.

As malware becomes more stealthy by design, and the overall end-user’s indifference towards the importance of data confidentiality grows, our task as security conscious IT-Pro will grow even more “exciting”.

If you want some extra insight into the malware Signing problem, head out to this article by Craig Schmugar who works for Mcafee

http://blogs.mcafee.com/mcafee-labs/signed-malware-you-can-runbut-you-cant-hide