World's best threat detection pwned by HOBBIT

  • 28 November 2014

Forget nation-states, BAB0 is the stuff of savvy crims

By Darren Pauli, 28 Nov 2014

Some of the world's best threat detection platforms have been bypassed by custom malware in a demonstration of the fallibility of single defence security.
Five un-named top advanced threat detection products were tested against four custom malware samples written by researchers at Crysys Lab, Hungary.
The most capable of the malware samples, dubbed BAB0 (or 'Hobbit' in the researchers' native tongue), slipped past each product having infected through image steganography, a feat within the capabilities of savvy criminals.
"It was designed to be as stealthy as possible, and utilises multiple methods to avoid detection," the lab's seven researchers wrote in a paper titled An independent test of APT attack detection appliances.
 