Commoditization of Anti Debugging Features in RATs - Part Two

0
October 09, 2008
Yet another piece of malware promoted as a RAT (remote access tool) includes what's turning into the defacto set of anti-debugging features within RATs.

As the authors point out, the Anti Virtual PC, VMware, Virtualbox, Sandboxie, ThreatExpert, Anubis, CWSandbox, Joebox, Norman Sandbox features inevitably increase the server size. Next to the product, there's always the managed service of ensuring a lower detection rate for binaries submitted to the authors.

About Dancho Danchev

Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com

0 Comments:

Subscribe to: Post Comments (Atom)