Mylobot Showcases the Evolution of Modern Malware

Mylobot Showcases the Evolution of Modern Malware

Advertising Advertising

The recently discovered Mylobot aggregates 9 sophisticated features, highlighting how advanced malware is evolving. Stealth capabilities make it difficult for security tools to detect and protection aspects preserve its functionality over time.  

This combination of Mylobot features will likely appear more often in emerging malware: 

  1. Anti-sandboxing features to thwart anti-virus defenses that isolates suspicious software.

  2. Anti-debugging design to resist security researchers from them dissecting the malware and figuring out how it works and where it came from.

  3. Encrypted files to keep details hidden from anti-malware tools, victims, and security researchers.

  4. Reflective EXE, allows files to be directly run from memory, alleviating the need to store them on drives (where they could be detected).

  5. A delay mechanism which waits for two weeks before making contact with the attacker's command and control servers.

  6. Deactivates Windows Defender and Windows Update to protect from eviction and new patches.

  7. Modifies access to firewall ports to maintain Internet connectivity.

  8. Actively targets and deletes other installed malware to avoid competition and conflicts.

  9. Designed to provide complete control of the system to the attacker, allowing deployment of other payloads in the future and exfiltration of sensitive data.

We have seen all these capabilities in the past, but when they are woven together it becomes much more difficult to detect and eradicate infections. Expect these to become part of the basic feature set for the majority of next-generation malware packages. The battle of innovation between the attackers and defenders never ceases. 

Advertising Advertising

Share this article

Leave your comments

Post comment as a guest

0
terms and condition.
  • Paul Fry

    The fact that everything takes place in memory makes it even harder to detect and trace.

  • Elizabeth Jayne

    Insightful read

  • Patrick Gordon

    Very interesting !!!

  • Kevin Jones

    Another great post ! Thanks Matthew !

  • David Rotheram

    Informative

Share this article

Matthew Rosenquist 

Cybersecurity Guru

Matthew Rosenquist is #7 LinkedIn Global Top Voice 2018 – Technology. He is an industry-recognized pragmatic, passionate, and innovative strategic security expert with 28 years of experience. He thrives in challenging cybersecurity environments and in the face of ever shifting threats. A leader in identifying opportunities, driving industry change, and building mature security organizations, Matthew delivers capabilities for sustainable security postures. He has experience in protecting billions of dollars of corporate assets, consulting across industry verticals, understanding current and emerging risks, communicating opportunities, forging internal cooperation and executive buy-in, and developing practical strategies. Matthew is a trusted advisor, security expert, and evangelist for academia, businesses, and governments around the world. A public advocate for best-practices, and communicating the risks and opportunities emerging in cybersecurity. He delivers engaging keynotes, speeches, interviews, and consulting sessions at conferences and to audiences around the globe. He has attracted a large social following of security peers, is an active member on advisory boards, and quoted in news, magazines, and books. Matthew is a recognized industry expert, speaker, and leader who enjoys the pursuit of achieving optimal cybersecurity. Matthew Rosenquist is experienced in building world class teams and capabilities, managing security operations, evangelizing best-practices to the market, developing security products, and improving corporate security services. 

   

Latest Articles

View all
  • Science
  • Technology
  • Companies
  • Environment
  • Global Economy
  • Finance
  • Politics
  • Society