Technology advances have significantly changed our lives during the past
decade. We rely on computers of various sorts for even the simplest of daily
tasks and become stressed when they are not available or do not perform as
we expect. The data that we create, use, and exchange has become the gold
of the 21st century. Because our information is so valuable and often very
personal, attempts to steal it have proliferated.

Malware was first developed as a challenge, but soon attackers recognized
the value of stolen data and the cybercrime industry was born. Security
companies, including McAfee, soon formed to defend people and systems
using antimalware technologies. In response, malware developers began
experimenting with ways to evade security products.

The first evasion techniques were simple because the antimalware products
were simple. For example, changing a single bit in a malicious file was
sometimes good enough to bypass the signature detection of a security
product. Eventually, more complex mechanisms such as polymorphism or

Today’s malware is very aggressive and powerful. Malware is no longer
developed just by isolated groups or teenagers who want to prove something.
It is now developed by governments, criminal groups, and hacktivists to spy
on, steal, or destroy data.

This Key Topic details today’s most powerful and common evasion techniques
and explains how malware authors try to use them to accomplish their goals.