Paper: Spreading techniques used by malware

Posted by   Martijn Grooten on   Dec 21, 2016

Malware infections usually start with a user opening an attachment, visiting a link, or simply accessing an infected site with a vulnerable browser. But once malware has infected an endpoint, it often looks for other devices in order to spread further, or at least to include the files on those devices in its malicious encryption efforts.

Today, we publish a short paper by Acalvio researcher Abhishek Singh, who uses examples from recent ransomware samples to show how malware spreads within a network ('lateral movement') or even outside the network. You can read the paper either in HTML or PDF format.

SpreadingtechniquesusedbyMalware-fig1.jpg

If you like this paper, why not read some of the other papers Abhishek has written for Virus Bulletin, such as a paper on techniques used by malware to evade automated analysis.

twitter.png
fb.png
linkedin.png
googleplus.png
reddit.png

 

Latest posts:

Ransomware not a problem for half of businesses

According to a report by IBM Security, 70 per cent of businesses that are the victim of a ransomware attack end up paying the ransom. However, the report also suggests that a little over half of businesses manage to avoid getting infected at all,…

Ransomware would be much worse if it wasn't for email security solutions

The latest VBSpam test brings good news: at least 199 out of every 200 emails containing a malicious attachment were blocked by email security solutions. All of the full solutions tested achieved a VBSpam award, with five earning a VBSpam+ award.

Throwback Thursday: The malware battle: reflections and forecasts

"Another year has come to its end and the malware battle still rages on." In January 2004, Jamz Yaneza reflected on the year just ended and pondered what the coming year would have in store for the AV industry.

VB2016 paper: Open Source Malware Lab

At VB2016, ThreatConnect Director of Research Innovation Robert Simmons presented a paper on setting up an open source malware lab. Today, we share the accompanying paper and video.

A Christmas present for the security community

As a Christmas present for the security community, we have uploaded most of the papers and videos from the VB2015 conference which took place in Prague almost 15 months ago. The Virus Bulletin crew wishes you all the best for 2017!