Saturday, November 30, 2013

CPE: McAfee AudioParasitic: Episode 36: malware distributed via P2P

length: 00:23:02
malware distributed via P2P: typically a file with an mp3 or mpeg extension that is actually an ASF file; when run, it forces Windows Media Player to navigate to a URL, and that URL points to an executable

a high percentage of LimeWire search results are these rogue media files
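An added example (not from the podcast or these notes): a defender's check for the disguise described above, flagging files in a download folder whose name says mp3/mpeg but whose first 16 bytes are the ASF Header Object GUID. The function names and the inclusion of `.mpg` are assumptions made for illustration.

```python
import os

# ASF Header Object GUID as stored on disk: the first 16 bytes of an ASF/WMA/WMV file.
ASF_HEADER_GUID = bytes.fromhex("3026b2758e66cf11a6d900aa0062ce6c")
# Extensions the notes name as the disguise (.mpg added as an assumption).
DISGUISE_EXTS = {".mp3", ".mpeg", ".mpg"}

def sniff(head: bytes) -> str:
    """Classify a file by its leading bytes, ignoring its name."""
    if head.startswith(ASF_HEADER_GUID):
        return "asf"
    if head.startswith(b"ID3"):                      # MP3 with an ID3v2 tag
        return "mp3"
    if len(head) >= 2 and head[0] == 0xFF and (head[1] & 0xE0) == 0xE0:
        return "mp3"                                 # bare MPEG audio frame sync
    if head[:4] in (b"\x00\x00\x01\xba", b"\x00\x00\x01\xb3"):
        return "mpeg"                                # MPEG program stream / video sequence
    return "unknown"

def is_disguised_asf(name: str, head: bytes) -> bool:
    """True when the extension claims mp3/mpeg but the content is ASF."""
    ext = os.path.splitext(name)[1].lower()
    return ext in DISGUISE_EXTS and sniff(head) == "asf"

def scan(root: str) -> list:
    """Walk a folder (e.g. a P2P download directory) and return flagged paths."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for fn in files:
            path = os.path.join(dirpath, fn)
            try:
                with open(path, "rb") as fh:
                    head = fh.read(16)
            except OSError:
                continue                             # unreadable file: skip, do not abort
            if is_disguised_asf(fn, head):
                hits.append(path)
    return sorted(hits)

if __name__ == "__main__":
    import sys
    for p in scan(sys.argv[1] if len(sys.argv) > 1 else "."):
        print("ASF content behind an mp3/mpeg extension:", p)
```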

some give you the impression that you need a codec and show you where to download it; the "codec" is an executable file that gives an error message when it's run, while in the background it is downloading more trojans and malware, mainly adware and spyware

Nuwar: never shows up in the top 10

In some respects this is a kind of old-school adware company.

Previously many big players kind of closed up shop after the Federal Trade Commission went ahead with lawsuits against them.

Race to Zero, a contest that will be held at DEF CON:
People are given some samples and have to get them past all the scanners.
Static AV testing has its limits.

Encouraging people to write AV evasion is bad.

The fact that they won't share the samples/code: we can't check whether the attack really works, whether we are aware of the method, or whether their testbed is correct. They do whatever they will.
