New Attack Bypasses Virtually all AV Protection

Status
Not open for further replies.

Osiris

Golden Master
Messages
36,817
Location
Kentucky
New Attack Bypasses Virtually all AV Protection


Researchers have devised a way to bypass anti-virus software using the ol' bait and switch. It sends a sample of clean code which passes security checks, then swaps it out afterwards with the malicious payload. It also is more effective on mulicore systems due to one thread often being incapable of overseeing other simultaneous threads.

"We have performed tests with [most of] today's Windows desktop security products," the researchers wrote. "The results can be summarized in one sentence: If a product uses SSDT hooks or other kind of kernel mode hooks on similar level to implement security features it is vulnerable. In other words, 100% of the tested products were found vulnerable."
 
Status
Not open for further replies.
Back
Top Bottom