RayLopez99 laid this down on his screen :
> On Sunday, November 23, 2014 7:40:27 PM UTC-8, RayLopez99 wrote:
>
>
http://www.usnews.com/news/articles/2014/11/24/regin-spyware-monitored-russian-
saudi-networks
>
> The spyware has an equally impressive ability to disguise itself by working
> in five stages, only the first of which is detectable because each step is
> encrypted, leaving Symantec uncertain of how the malware spreads.
>
>
> RL
>
> Does anybody care to speculate how the 'steps' are encrypted? I can see how
> a virus is encrypted, so the hash looks different, but is this something
> else?
It's the same thing, but a layered (onion) approach. That is, each step
has code which has to be decrypted before it runs instead of having all
of the code only encrypted once.
--- NewsGate v1.0 gamma 2
* Origin: News Gate @ Net396 -Huntsville, AL - USA (1:396/4)
|