One Signature at a Time: The Battle Against Malware - Trolling the Gutters

 
 
By eweek | Posted 2007-09-20

One Signature at a Time: The Battle Against Malware

Security vendor SecureWorks brings eWEEK readers inside its Atlanta lab and inside the daily fight to defend its customers against the salvos from hackers.

One Signature at a Time: The Battle Against Malware - Malware Roll Call

SecureWorks begins each day with a meeting of security researchers, who discuss looming threats and the signatures needed to protect their customers. They also perform a peer review of signatures that have been created before they are deployed.

One Signature at a Time: The Battle Against Malware - Reverse Engineering an Attack

SecureWorks Security Researcher Daniel Peck works backward to block exploitation of a vulnerability affecting Mercury Mail. Armed with a debugger, he began by tracing input, looking at where the information was being copied to and from. After seeing where

One Signature at a Time: The Battle Against Malware - Trolling the Gutters

SecureWorks Security Researcher Don Jackson, who found the Gozi Trojan earlier this year, uses the hacker underground and sites like the SANS Institute Internet Storm Center Web site, which contains information about the latest threats.

One Signature at a Time: The Battle Against Malware - CardersMarket

Researchers track the underground on forums like CardersMarket, an Internet forum that SecureWorks researchers said is frequented by identity thieves and deals with all aspects of credit card fraud.

One Signature at a Time: The Battle Against Malware - HangUp Team

SecureWorks is after groups such as the HangUp Team, a Russian outfit that SecureWorks claims develops malware for sale to hackers. The HangUp Team Web site displayed is currently down, but the group is still believed to be in operation creating malware.

One Signature at a Time: The Battle Against Malware - 76Service

76Service, another international hacking group that offers subscription services to stolen data and brokers deals between the hackers, iFramers and spammers, is also a SecureWorks target.
