
Viruses Are Back In Circulation



Although security vendors classify and for some even name their products anti-virus, the reality is viruses have been dead and out of circulation for some time. Most malware today are Trojans. Well, things have changed in the threat landscape arena. Below is a great technical analysis by Check Point on Azov ransomware, which is in reality a wiper and also a virus.

Pulling the Curtains on Azov Ransomware: Not a Skidsware but Polymorphic Wiper


Azov first came to the attention of the information security community as a payload of the SmokeLoader botnet, commonly found in fake pirated software and crack sites.

One thing that sets Azov apart from your garden-variety ransomware is its modification of certain 64-bit executables to execute its own code. Before the advent of the modern-day internet, this behavior used to be the royal road for the proliferation of malware; because of this, to this day, it remains the textbook definition of “computer virus” (a fact dearly beloved by industry pedants, and equally resented by everyone else). The modification of executables is done using polymorphic code, so as not to be potentially foiled by static signatures, and is also applied to 64-bit executables, which the average malware author would not have bothered with.


Edited by itman