Veiled Shadows

Well, one can’t really discuss the malware space without focusing on Bots, which are basically souped up trojans that get put onto machines due to a innumerble number of attack vectors, typically spam, SQL injection/malicious obfuscated javascript/multihop iframe redirections to multistaged malware dropper sites hosted by fast flux networks.  Data, information, and authentication and identity credentials such as passwords, usernames, SSNs get stolen off machines, encrypted and sent through P2P based HTTP outbound ports sent via encrypted proxie services and dumped onto drop site servers where the info is picked up and sold to the highest bidders in the underground for identity theft, more data stealing, and espianage.   Can you say are we having fun yet?!?!  Anyways, 

Heres a great article about what one of these puppies looks like. When you hear about things like Storm… This is what they are talking about. O ya, they are hidden by advanced rootkit technology and their binaries are packed and obfuscated, making effective reverse engineering way more difficult. O yea and they use anti Virtual Machine, anti debugger, tricks as well.