Re: informIT: Modern Malware

[Haroon Meer <haroon () thinkst com>]

Heya Gary (all)

On Sat, Mar 26, 2011 at 3:32 PM, Gary McGraw <gem () cigital com> wrote:
> I agree that the APT term is overused by the marketing types.  In this
> case you can translate it as malware that infects a server or an ad
> network and is "served up" to unwitting victims in a drive by download.>

Malware distributors look for good distribution channels, and the
ad-server provides one.
While it is a Threat, it's no more Advanced than we have seen before.
It isn't more "Persistant" than Stoned [1] was on a disk.

> What would you call it haroon?

In truth, i would avoid giving it a new name.
Drive by download: Yes. APT: No

/mh

[1] http://en.wikipedia.org/wiki/Stoned_(computer_virus)

-- 
Haroon Meer | Thinkst Applied Research
http://thinkst.com/pgp/haroon.txt
Tel: +27 83 786 6637

_______________________________________________
Secure Coding mailing list (SC-L) SC-L () securecoding org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
_______________________________________________