Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 13:18:06 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1628746668&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Fpapers%2Fgeneral%2FSoftware.Distribution.Malware.Infection.Vector.pdf%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1628746668.1338211086.1338211086.1338211086.1%3B%2B__utmz%3D32867617.1338211086.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/68332/Software.Distribution.Malware.Infection.Vector.pdf http://packetstormsecurity.org/files/68332/Software.Distribution.Malware.Infection.Vector.pdf http://packetstormsecurity.org/files/68332/Software.Distribution.Malware.Infection.Vector.pdf.html Fri, 18 Jul 2008 21:30:01 GMT This paper presents an efficient mechanism as well as the corresponding reference implementation for on-the-fly infecting of executable code with malicious software. Their algorithm deploys virus infection routines and network redirection attacks, without requiring the modification of the application itself. This allows infection of executables with an embedded signature when the signature is not automatically verified before execution. They briefly discuss countermeasures such as secure channels, code authentication as well as trusted virtualization that enables the isolation of untrusted downloads from other applications running in trusted domains or compartments.