|
-
April 30th, 2004, 07:45 PM
#1
Trouble is coming - Case in point.
For those who have read a few posts I have made here in the past about what certainly is coming down the pipe (because I feel that most of the releases in the past year are nothing more than tests for horribleness yet to come), I have gathered some info from a very reliable source about polymorphic viruses that will be coming to a theatre near you...
For reference purposes:
http://www.antionline.com/showthread...335#post740335
Author: Dr3f (You probably dont know him -- I only know of one other virus that he has coded - WM.NotFam)
Name of virus: Win32.Voltage
Detected: Not yet.. he says it 'may' be in the wild, but he hasn't released it yet.
It is written in ASM and is about 3800 lines of code (I dont have the source.. but that is how long he said it was)
Description: (From Dr3f) My new worm has the follow capabilities: global resident,PE\RAR infector,polymorphic with EPO feature,has mail worm that spoof address,that send itself to all temp inet files addresses and to all friends in the WAB.
Win32.Voltage is infected over a script encoder in this sample.
It drops a copy of the original virus as the name wvltg.exe into the system directory.
I found this interesting as it is a polymorphic, file infecting, mass mailing worm. There aren't many of these floating around.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
April 30th, 2004, 08:55 PM
#2
BRING IT ON!
thats all I can say...other than that...we're fukced :*(
-
May 1st, 2004, 12:18 AM
#3
What exactly does polymorphic mean? Is it like - the worm can change its executable so it still operates but escapes AV's?
-
May 1st, 2004, 12:25 AM
#4
Senior Member
polymorphic means that each time the virus copies itself, the fingerprint looks a little different, like varying the size or pattern of the executable. it does that so it's harder for av software to detect.
U suk at teh intuhnet1!!1!1one
-
May 1st, 2004, 12:40 AM
#5
polymorphic means that each time the virus copies itself, the fingerprint looks a little different, like varying the size or pattern of the executable. it does that so it's harder for av software to detect.
Ah, that's what I thought. Thanks for the clarification 
mjk
-
May 1st, 2004, 01:58 AM
#6
oh boy! what an accomplishment. his folks must be so proud.
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
-
May 1st, 2004, 03:10 AM
#7
I wonder how well the anti-virus companies are going to handle this. I agree with cybr1d.
I have 315 relays and 118 switches and have all the power of a calculator.
-
May 1st, 2004, 03:28 AM
#8
Well I'm guessing the usual, Wreck havoc for a while just like melissa and code red and whatnot, and then get fixed, and then have about 100 new people on AO asking us how to fix their problem *whatever might the virus cause* 
-
May 1st, 2004, 03:35 AM
#9
I bow to your ability to read the future OH Great One. (bow,bow,bow dance around fire.)
I have 315 relays and 118 switches and have all the power of a calculator.
-
May 1st, 2004, 04:04 AM
#10
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote