Hackers deploy code obfuscation techniques

 

Gallery

By Rene Millman

Posted on 12 Jan 2007 at 15:10

Hackers are employing new methods to hide malicious code away from the attention of security products.

Called dynamic code obfuscation, the technique is used by an attacker to hide a malicious payload away from signature-based security products such as anti-virus and web filters. Hackers use different strategies to hid malware including providing each visitor to a malicious site with a different instance of obfuscated malicious code, based on random functions and parameter name changes.

According to security company Finjan, such techniques would require a signature-based product to scan against millions of different signatures in order to detect the existence of this particular piece of malicious code and to block it.

'Dynamic code obfuscation techniques are the latest salvo from hackers in the ongoing battle of wits between security vendors and their hacker opponents,' said Yuval Ben-Itzhak, Finjan's Chief Technology Officer.

'Over the years, each time a new type of attack appears in the wild, security companies scramble to create a solution. Then, as soon as the hackers become familiar with the newest defence, they devise a new method to circumvent it,' he said.

He said that hackers have begun to take advantage of new web technologies to create complex and blended attacks.

'With their creation of dynamic obfuscation utilities, which enable virtually anyone to obfuscate code in an automated manner, they have dramatically escalated the threat to web security,' he said.