Hackers turn to code obfuscation

Hackers are turning to new methods to hide malicious code away from security products.

Called dynamic code obfuscation, the technique is used by an attacker to hide a malicious payload away from signature-based security products such as anti-virus and web filters. Hackers use different strategies to hid malware including providing each visitor to a malicious site with a different instance of obfuscated malicious code, based on random functions and parameter name changes.

According to security company Finjan, such techniques would require a signature-based product to scan against millions of different signatures in order to detect the existence of this particular piece of malicious code and to block it.

"Dynamic code obfuscation techniques are the latest salvo from hackers in the ongoing battle of wits between security vendors and their hacker opponents," said Yuval Ben-Itzhak, Finjan's Chief Technology Officer.

"Over the years, each time a new type of attack appears in the wild, security companies scramble to create a solution. Then, as soon as the hackers become familiar with the newest defense, they devise a new method to circumvent it," he said.

He said that hackers have begun to take advantage of new web technologies to create complex and blended attacks.

"With their creation of dynamic obfuscation utilities, which enable virtually anyone to obfuscate code in an automated manner, they have dramatically escalated the threat to web security," he said.

Rene Millman

Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.