Malware: New Attacks Evade Detection
Researcher Describes Latest Threats
It's not just anti-virus software these latest attacks have learned to circumvent, says Maor, a fraud prevention solutions manager for the online security company. "These attacks are trying to evade the [malware] researchers," he adds.
While many of the malware strains used in the new generation of attacks are not new, the attacks use new techniques to get around researchers' common detection tools, so they are able to go undiscovered for weeks or months at a time, Maor adds.
And the longer the malware goes undetected, the more information the fraudsters are able to glean about the users whose computers they infect, he explains during this interview with Information Security Media Group.
The same new attack techniques being used with banking Trojans also are being applied to many of the malware strains, such as Dexter and BlackPOS, that are targeting retailers, Maor says.
"We're seeing a rise in the number of POS-dedicated malware [strains], too," he says. "The point-of-sale malware that is out there also knows how to get around detection."
This is why information sharing, across industries and regions, about emerging malware strains and attack methods is becoming increasingly critical, Maor says. "People understand that in order to understand these attacks, you have to share information," he says.
During this interview, Maor also discusses:
- Why emerging POS and online bank account malware strains are increasingly similar;
- How criminals are sharing information about ways to evade detection and researchers;
- The risks posed by Microsoft's dropping of support for its XP operating system next month.
At Trusteer, an IBM company, Maor leads fraud fighting and threat awareness projects. A security evangelist, he regularly presents at industry events and academic master classes and volunteers for educational security awareness programs. Previously, he was the head of RSA's Cyber Threats Research Labs, where he managed malware research and intelligence teams.