We all know what a virus is.
We all know what an anti-virus is.
Most of us know what a crypted virus is. I am referring to the encryption of a virus which is used solely for bypassing anti-virus detection. It has come to my attention that alot of these "crypting" tools offer a feature called "extension spoofing", in which i am able to spoof my .exe virus (RAT) into a less suspicous format such as .mp3 or .pdf
The question is, how deep do these work. Do they actually change the physical format to a mp3 to a point where it is not able to be rendered as .exe, or is there some less deceiving trick here to which a novice-intermediate IT user can spot.
Aucun commentaire:
Enregistrer un commentaire