Ecard Malware Spam

JohnC:
It isn't public; when I started this thread there was going to be more in-depth information about it, but I never really got the time to do it. I would guess that newer versions of Storm Worm are using different variations of the packer to make it more difficult for antivirus companies to detect.

sowhat-x:
With that many Zhelatin variants that got released since earlier this year,
it's quite reasonable to assume that most possibly it isn't even a standalone packer...

Furthermore, even say if the above doesn't stand true,
and there exists indeed a standalone 'private Zhelatin scrambler' out there,
I really doubt that spreading it in the wild would do any good:
information should be free, but this is assuming there's common sense also, he-he...
Both time and the way something gets publicly released play a major role in this,
and this is what is called 'responsible disclosure'...

It's one thing to release in public 'leaked' malware samples and tools,
which no matter the case, after a few months they are gonna get widespread:
this way helps end-users protect themselves in the meanwhile by personal means,
and also puts pressure on the AV companies to add proper detection for them in a timely manner.
But Tibs/Zhelatin's cycle certainly doesn't seem to be closing anytime soon...
i.e. the only thing this would achieve would be to spread further confusion and mess in the net,
as every skiddie would start modding backdoors with it in order to supposedly 'show off'...
