New malware could knock out antivirus systems
December 12th, 2011 - 7:30 pm ICT by IANSWashington, Dec 12 (IANS) A dangerous new breed of malware or malicious software could knock out computer security systems, leaving them exposed to cyber attacks or hostile governments, warn researchers.
Murray Brand, senior lecturer in computer science at Australia’s Edith Cowan University, says the processing power needed to scan for and delete malware may soon outstrip the capacity of most computers.
This could flood the target system with a massive volume of malware or hide malicious-looking code in good programmes to force them or the entire system to be taken offline, or acting as a decoy for the real attack coming from another angle.
Brand said antivirus software is already struggling to keep up with the growing volume of malware rapidly appearing on the internet, more than 75 million by the end of 2011, according to a varsity statement.
Most of the components for a malware rebirthing botnet exist and with cyber crime being more lucrative than drug trafficking, it is likely that a similar model will be functional in the near future, he said.
The attacker would first use a worm to create a botnet of infected slave computers, then upload a “honeypot” programme to attract and capture other malware from the internet.
The captured malware would then be sent back to the attacker and altered in, what Brand calls, a rebirthing suite, improving its defences against antivirus programmes with anti-analysis tools and tailoring them for the coming attack before distributing them among the botnet.
The attacker now has an array of advanced, customised malware that are extremely difficult if not impossible for antivirus programmes to detect and that can be deployed against a target system from multiple angles.
“Recognition of malware is dependent upon an analyst having already analysed the behaviour of the malware and extracted an identifying signature,” Brand says.
If the new malware is significantly different to any known malware, antivirus software is unlikely to recognise the threat until the malware has disabled it.
- Experts think up smarter honeypot traps to track malware - Feb 27, 2010
- Beware of attack tool kits from malicious websites: Symantec - Jan 25, 2011
- Indian IT experts devise technique to fight deadly bots - May 17, 2012
- BLADE software eliminates threats of 'drive-by downloads' from Internet - Oct 07, 2010
- Cyber threats forecast for 2011 released - Oct 08, 2010
- Indian home ministry computers under virus attack - Aug 16, 2010
- Apple asks Russian anti-virus firm to improve OS X security - May 15, 2012
- AV Security Suite: Wolf In The Clothing Of Lamb - Jun 08, 2010
- Malicious software links featuring bin-Laden's pics could be a virus: FBI - May 04, 2011
- Cyber criminals to target social networks, mobile devices: Security Report - Apr 06, 2011
- Arrests made in malware fraud case which infected millions of computers worldwide - Nov 10, 2011
- A worm in the apple: Macs in crosshairs of hackers - Aug 31, 2009
- Now, a tool to arm cyberspace against malware - Sep 21, 2012
- 300,000 computers with deadly virus to lose internet: FBI - Jul 08, 2012
- Computers with deadly virus to lose web link: FBI - Jul 05, 2012
Tags: analysis tools, attacker, computer science, computer security systems, cyber attacks, cyber crime, decoy, defences, drug trafficking, edith cowan university, entire system, malicious software, massive volume, new breed, new malware, processing power, rebirthing, senior lecturer, signature brand, target system