Trojan Takes Extended 'Naps' To Avoid Detection

chicksdaddy writes: "Even the bleakest circumstances look a bit brighter after a good nap — a fact that isn’t lost on malware authors, according to researchers at the firm FireEye, who have identified a new Trojan Horse program that uses extended sleep cycles to fool behavior-based malware detection technology.

In a blog post Tuesday, researchers Abhishek Singh and Ali Islam said the new malware, dubbed Trojan Nap, has a function, dubbed SleepEx(), that can be used to configure long “naps” that the malware takes after it is installed on a compromised system. The default value, 600,000 milliseconds – or 10 minutes – seems designed to fool automated analysis systems that are programmed to capture a sample of behavior for a set time frame. “By executing a sleep call with a long timeout, Nap can prevent an automated analysis system from capturing its malicious behavior,” FireEye said."
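
A defender-side check for the evasion described in the submission, as an added example that is not part of the original post or FireEye's write-up: it scans a sandbox API trace for Sleep/SleepEx calls that outlast a fixed analysis window, so a quiet run can be marked inconclusive instead of clean. The trace format, sample lines, window length and function name are constructed for illustration.

```python
import re

# Constructed sandbox API trace, one call per line: "<ms since start> <API>(<args>)".
# The format is an assumption for this example, not any product's log format.
SAMPLE_TRACE = [
    '120 CreateFileW("sample.tmp")',
    '340 RegOpenKeyExW(HKCU, "Software\\Example")',
    "900 SleepEx(600000, 0)",  # the 10-minute default quoted in the submission
]

SLEEP_CALL = re.compile(r"^(\d+)\s+(?:Sleep|SleepEx)\((\d+)")
INFINITE = 0xFFFFFFFF  # Windows API value meaning "never time out"


def sleep_coverage(trace, window_ms):
    """Report how much of a fixed analysis window the sample spent asleep.

    Assumes a single-threaded trace, so sleep intervals do not overlap.
    """
    asleep_ms = 0
    longest_ms = 0
    outlasts_window = False
    for line in trace:
        m = SLEEP_CALL.match(line.strip())
        if not m:
            continue
        start, timeout = int(m.group(1)), int(m.group(2))
        if start >= window_ms:
            continue  # call happened after the sandbox stopped watching
        longest_ms = max(longest_ms, timeout)
        end = window_ms if timeout == INFINITE else start + timeout
        if end >= window_ms:
            outlasts_window = True  # sample was still asleep when analysis ended
            end = window_ms
        asleep_ms += end - start
    return {
        "asleep_ms": asleep_ms,
        "longest_ms": longest_ms,
        "asleep_fraction": round(asleep_ms / window_ms, 3),
        "verdict": "inconclusive" if outlasts_window else "observed",
    }


if __name__ == "__main__":
    # 5-minute analysis window (assumed) against the 10-minute nap.
    print(sleep_coverage(SAMPLE_TRACE, window_ms=300_000))
```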
