Stormy weather for malware defenses
Robert Lemos, SecurityFocus 2007-03-05

When the Storm Worm swept through the Internet in mid-January, the program's writers took a brute-force approach to evading antivirus defenses: They created a massive number of slightly different copies of the program and released them all at the same time.

Signatures 2007-03-06
Calyptix Security
this is so 90's 2007-03-06
lsi
Stormy weather for malware defenses 2007-03-07
Matthew Murphy (1 replies)
Storm demonstrates the problem of relying on threat-specific response to effectively block threats. The Storm authors obviously know what they're doing -- the "death by a thousand cuts" strategy is a way of blasting open the zero-hour protection gap that has plagued AV for years.

There needs to be something done to stiffen AV programs' defenses against small alterations. A crucial side-effect of this effort will hopefully be the narrowing of the zero-hour gap.

Re: Stormy weather for malware defenses 2007-03-09
Anonymous (1 replies)







 

Copyright 2008, SecurityFocus