WikiLeaks’ Latest Leak Shows How CIA Avoids Antivirus Programs

Joe Uchill reports for The Hill:

WikiLeaks released its third package of CIA documents on Friday which highlight source code used by the CIA to avoid antivirus programs.

The source code is for a tool called “Marble,” what is known as an obfuscator or packer.

Obfuscators are principally designed to jumble the execution of malware so that programs designed to spot malware have trouble determining what it is.

The Marble toolkit includes a variety of different algorithms to accomplish that task.

In its release, WikiLeaks describes the primary purpose of Marble as being to insert foreign language text into the malware to cause malware analysts to falsely attribute code to the wrong nation.

This appears to be an inaccurate description of the primary purpose of the code, however.

READ MORE…
