Q

Code mutation, fragmentation and concealment: Hacker techniques to watch

Understand the methods behind the newest forms of hacking, and help customers stay on top of them with this expert advice.

I have been following the recent buzz about new hacker techniques, including code mutation, code fragmentation and code concealment through rootkits. What recommendations can I make to customers concerned with these new hacking methods?

The three attacks you've mentioned, code mutation, code fragmentation and code concealment through rootkits, are some of the latest evolutions of new malicious code generation techniques. All are designed to make it harder to detect the virus or rootkit, and take the concept of the polymorphic virus one step further.

These programs are being designed to stick around undetected for as long as possible on infected systems. Some malware designers use "packers" to encrypt malware to evade detection.

Others use different routines for decrypting the code to create a virtually unlimited number of mutations, as the Trojan Swizzor did recently.

Swizzor repacked itself once a minute to get past signature-based tools that work only if they know precisely what to block. Swizzor also recompiled itself once every hour.

Zero-day attacks using well-concealed Trojans present a serious challenge to the security professional. Therefore it's very important to rely on a security product or group of products that really stays on top of current threats and vulnerabilities.

Of course, all of the usual steps your customers take to prevent any type of malware always need to be taken, and may help prevent some of these exploits.

This was first published in January 2007
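
An added example (not part of the original answer, and not any product's code) illustrating the repacking point above: an exact-hash signature matches only the build it was made from, while a byte-entropy heuristic flags every repacked build. The toy XOR `repack`, the constructed benign `BODY`, and the 7.2 bits-per-byte threshold are assumptions for illustration.

```python
import hashlib
import math
import random
from collections import Counter

# Constructed, benign stand-in for a program body (not real malware).
BODY = b"".join(b"call helper_%03d; check result; store value\n" % i
                for i in range(200))

def repack(body: bytes, seed: int) -> bytes:
    """Toy model of a packer: same body, fresh XOR keystream per build."""
    rng = random.Random(seed)
    return bytes(b ^ rng.randrange(256) for b in body)

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def looks_packed(data: bytes, threshold: float = 7.2) -> bool:
    """Heuristic: near-random byte distribution suggests packed/encrypted data.
    The threshold is an assumed value for this demo, not a vendor setting."""
    return entropy(data) >= threshold

def signature_hits(samples, known_hashes):
    """Exact-match signature check: True only for builds already catalogued."""
    return [sha256_hex(s) in known_hashes for s in samples]

if __name__ == "__main__":
    builds = [repack(BODY, seed) for seed in (1, 2, 3)]   # three "repackings"
    known = {sha256_hex(builds[0])}                        # signature for build 1 only
    print("hash signature hits:", signature_hits(builds, known))
    print("entropy heuristic  :", [looks_packed(b) for b in builds])
    print("unpacked body      :", looks_packed(BODY), round(entropy(BODY), 2))
```

High entropy is a triage signal rather than a verdict, since legitimately compressed files such as installers and archives also score near 8 bits per byte.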
