Fake anti-virus: The journey from Trojan to a persistent threat

Author

Jagadeesh Chandraiah
SophosLabs, UK
jagadeesh.chandraiah@sophos.com

Read the paper in pdf format, or view the online version


Contents

1. Introduction
2. FakeAV trends
3. Infection vectors
3.1 Black hat SEO
3.2 Malvertising
3.3 Spam campaigns
3.4 Exploit kit
4. Packer evolution
4.1 Anti emulation API
4.2 PEB and TIB access
4.3 Kuser Shared Data (KSD)
4.4 How is this done?
5. What drives FakeAV?
6. Related work
7. Conclusion
8. References
