Thursday, October 09, 2008

Commoditization of Anti Debugging Features in RATs - Part Two

Yet another piece of malware promoted as a RAT (remote access tool) includes what's turning into the defacto set of anti-debugging features within RATs.

As the authors point out, the Anti Virtual PC, VMware, Virtualbox, Sandboxie, ThreatExpert, Anubis, CWSandbox, Joebox, Norman Sandbox features inevitably increase the server size. Next to the product, there's always the managed service of ensuring a lower detection rate for binaries submitted to the authors.

No comments:

Post a Comment