+ - Trojan Takes Extended 'Naps' To Avoid Detection->
Submitted
by
chicksdaddy
chicksdaddy writes "Even the bleakest circumstances look a bit brighter after a good nap — a fact that isn’t lost on malware authors, according to researchers at the firm FireEye, which have identified a new Trojan Horse program that uses extended sleep cycles to fool behavior based malware detection technology.
In a blog post Tuesday, researchers Abhishek Singh and Ali Islam said the new malware, dubbed Trojan Nap, has a function, dubbed SleepEx() that can be used to configure long “naps” that the malware takes after it is installed on a compromised system. The default value, 600,000 milliseconds – or 10 minutes – seems designed to fool automated analysis systems that are programmed to capture a sample of behavior for a set time frame. “By executing a sleep call with a long timeout, Nap can prevent an automated analysis system from capturing its malicious behavior,” FireEye said."
Link to Original Source
In a blog post Tuesday, researchers Abhishek Singh and Ali Islam said the new malware, dubbed Trojan Nap, has a function, dubbed SleepEx() that can be used to configure long “naps” that the malware takes after it is installed on a compromised system. The default value, 600,000 milliseconds – or 10 minutes – seems designed to fool automated analysis systems that are programmed to capture a sample of behavior for a set time frame. “By executing a sleep call with a long timeout, Nap can prevent an automated analysis system from capturing its malicious behavior,” FireEye said."
Link to Original Source
Trojan Takes Extended 'Naps' To Avoid Detection More Login
Trojan Takes Extended 'Naps' To Avoid Detection