Hackers' project hides browser-busting code

Hackers are developing new software, called VoMM, that will help hide browser attack code from some types of security software.

Robert McMillan (IDG News Service)
18 October, 2006 14:05
Comments

Hackers are developing new software that will help hide browser attack code from some types of security software.

The software, called VoMM (eVade o' Matic Module), uses a variety of techniques to mix up known exploit code so as to make it unrecognizable to some types of antivirus software.

Using these techniques, VoMM "can create an endless number of variants of an exploit," said Aviv Raff, one of the developers behind the project.

"It aims to provide several techniques out of the box to make browser exploits (mostly) undetectable," according to a blog posting by one of the project's founders, a hacker going by the name of "LMH." That posting can be found target=_blank">here.

The software users server-side scripting technology to create new versions of the exploit code, which then get delivered to browser users when they visit the attacker's Web site. By making a number of cosmetic changes to the code that do not affect its functionality, VoMM creates a new version of the malicious software that cannot be detected by "signature-based" techniques.

Signature-based antivirus products analyze known malware and then create a digital fingerprint that allows the antivirus software to identify malicious code. By adding extra components -- tabs and spaces, and random comments and variable names -- that are not included in known signatures, VOMM creates software that can evade detection.

The VoMM code is expected to be included in a new module for the upcoming 3.0 version of the widely used Metasploit hacking toolkit, Raff said. Metasploit developer HD Moore is also developing the VoMM software. Raff's blog posting on the project can be found target=_blank">here.

Bookmark this page
Share this article
- facebook
- slashdot
- digg
- Reddit
- stumbleupon
- linkedin
- twitter
Got more on this story? Email Computerworld
Follow Computerworld on twitter

Comments

Post new comment

Share
Share this article
- google+
- facebook facebook
- slashdot slashdot
- digg digg
- Reddit Reddit
- stumbleupon stumbleupon
- linkedin linkedin
- twitter twitter
print
email
Bookmark

Related Whitepapers

Print security and the mobile workforce

Where, when, and how we work is changing. Whether your employees are working on the road without a dedicated workstation or from a home office, they need a safe way to print. Driving this shift is the accelerating adoption of smartphones, tablets, and other mobile devices. But even with these devices, printing remains a key business function for virtually all employees, and many may already be using them to print. Read more.

Featured Download

Dropbox

Dropbox is a sharing tool that allows you to synchronize your documents, as well share files with others. It automatically uploads the files to the ...

Zones

Most Popular Whitepapers

Process-Driven Master Data Management for Dummies

We wrote this book to introduce you to the subject of processdriven MDM. It’s a big topic, one that far outstrips the ability of a brief book to cover. However, our hope is that by reading this book you will gain a fundamental understanding of processdriven MDM, how it works, and what it takes to make it a success in your organisation.

Popular tags: Business Management, Security, Data Centre, Storage, Master Data Management

Latest Jobs

FTTechnical Services Engineer - ShoreTel/MitelVIC
CCSystem Engineer - Exchange - CONTRACTSWA
FTChange Management ProfessionalsNSW
CCSAP PM ConsultantNSW
CCSAP FICO ConsultantNT
FTSAP Basis ConsultantNSW
FTIT Account Manager - System Integrator - Career Progression - Start ImmediatelyNSW
FTSAP Basis ConsultantACT
CCAvaya Engineer - ERS 8600 4.1NSW
FTSenior Citrix EngineerNSW
FTSenior Network Field Engineer - Cisco R&S / Wireless SolutionsNSW
CCSystem Engineer - Lync and Exchange - CONTRACTSWA
FTSenior Citrix EngineerNSW
CCOBIEE ConsultantWA
FTSenior Network Engineer - Cisco / Nexus / UCS / - Routing / Switching / WirelessNSW
FTSenior Network Field Engineer - Cisco R&S / Wireless SolutionsNSW
FTProduct Manager Strategist - Enterprise ApplicationsNSW
FTQM Trainer and ConsultantNSW
FTiPhone App DeveloperNSW
FTIT Service Desk EngineerNSW
FTiPhone Developer DeveloperNSW
FTiPhone App DeveloperNSW
CCPC Relocation Technicians - Multiple Roles availableSA
FTIT Service Desk EngineerNSW
FTiPhone App DeveloperNSW

Market Place

Hackers' project hides browser-busting code

Comments

Post new comment

Windows Event Viewer phishing scam remains active

A comparison of Telstra's 4G phones

Untethered jailbreak for iOS 5.1.1 available for download

Which tablet should I buy? iPad 2 vs Sony Tablet S

Coalition NBN better or worse?

SKA to be jointly hosted by Australia, New Zealand and South Africa

NBN service plans won't cost consumers more: Conroy

Microsoft at a loss over Event Viewer scam

Stallman: If you want freedom don't follow Linus Torvalds

CeBIT 2012: Will NBN speed up freight delivery times?

Conroy turns the attack to Hockey

Print security and the mobile workforce

Virtualisation and Cloud Computing: Optimised Power, Cooling, and Management Maximises Benefits

Lost USB keys have 66% chance of malware

Server and Storage Optimization Techniques

Dropbox

Avaya Air Cover Zone

Application Lifecycle Management

HP Converged Storage Zone

HP Business Efficiency - Money Payback Guarantee Resource Centre

The Australian Cloud

Process-Driven Master Data Management for Dummies

Business Intelligence Best Practices for Dashboard Design

Learning To Compete: IT’s Next Transformation

Seven Steps to Effective Data Governance

Guidance for Calculation of Efficiency (PUE) in Data Centers

Computerworld newsletter

Don't have an account?

Hackers' project hides browser-busting code

Comments

Post new comment

Computerworld newsletter