a lot of new trojans proactively. On the other hand, it is
getting easier. You may even be able to precompute whether
your new malware will succeed.
One way to do this is through a targeted attack, where you
write a trojan and aim it at a specific part of the Internet, such
as a single company, whose defensive posture is known to you.
Targeted attacks are not especially difficult to orchestrate, and
there is a paper at this conference which investigates this
phenomenon [3].
Another way is to use an on-line service to which you can
submit malware samples and from which you will receive
automated replies telling you which products detected it, and
what they called it.
Q. On-line services to help you fine-tune your phishing
trojans?
A. That’s not how they position themselves, of course. Several
such services exist, and some are strongly supported by the
security industry. VirusTotal [4], for example, has permission
to use some 25 different products for scanning incoming files.
In return, samples are sent to vendors who miss them, thus
helping to improve detection and responsiveness.
Unfortunately, VirusTotal allows you to withhold submissions
from vendors (though this is not the default), which could be
said to play into the hands of organized crime and the
counterculture.
Q. So let’s assume you can create a new phishing trojan and
target me and my company with it. How can authentication, or
anything else, help me then?
A. When you are carrying out a financial transaction on-line,
there are several things that it pays you (literally and
Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24