A New Attack Secretly Binds Malware to Legitimate Software Downloads

Status
Not open for further replies.

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,377
zamqmoxvn2hyekqfdswu.jpg


A team of researchers from Ruhr University in Bochum, Germany, has created a new kind of cyber attack where malicious code is able to be sent in parallel with a legitimate software download without modifying any code.

The new attack binds the malware to free and open source software, because there are fewer code signing and integrity checks in place for such downloads. It's unusual in the fact that the code isn't injected into the software, but rather bound to it. The researchers explain what that means:

"Since the original application is not modified one has the advantage that the malicious code can be of a larger size, and thus provide more functionality. Then, upon starting the infected application the binder is started. It parses its own file for additional embedded executable files, reconstructs and executes them, optionally invisible for the user."

What's more, anyone using such a technique would only need to control a single network point between the download server and the client—which means simple social engineering or network redirection could be enough to make it a reality. And the binding technique, which means that the original file is unaltered, means it wouldn't need to be buffered—avoiding the raising of suspicion.

Read more: http://gizmodo.com/a-new-attack-secretly-binds-malware-to-legitimate-softw-1624894033
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top