Tuesday, January 25, 2011

The Virtuoso Virus

Carberp has got to be the best name for a computer virus I've heard yet in 2011. But in fact it has nothing whatsoever to do with cars and is instead a piece of banking malware that is so newly emerged no one has done a Wikipedia entry for it yet (Good opportunity for some lucky super-geek out there!).

Carberp is a data stealing Trojan that infiltrates a user's computer covertly and disguises itself as a legitimate piece of software. Like many pieces of existing malware Carberp also removes anti-virus software. However where Carberp has gone all 2.0 and taken malware to the next level is that it has the ability to upgrade itself automatically. Jeez . . I wish my web browser program was that convenient.

The program was first discovered back in October and is designed to attack users who operate on a Windows based system. The key factor that makes researchers want to keep on eye on Carberp is that like the Zeus virus before it, Carberp represents a new level of sophistication. But whereas Zeus could only make HTTP requests in one key, Carberp can use a different random key every time it makes such a request. You are now probably wondering what this means in English so I'll tell you.

Most security software monitors traffic signatures to detect and root out potential threats. Carberp's ability to change keys so fluidly allows it to evade this manner of detection. This could make it potentially very hard to stop.

In soccer some players repeatedly make the same play. You know it's coming but it can still be hard to stop. However some players are capable of coming at you in a million different ways and are completely unpredictable. Players like that are much harder to stop. If Carberp played soccer you better believe it would be such a player.

No comments:

Post a Comment