Hackers could evade most existing antivirus protection by hiding malicious code within ordinary text
This potential weakness has been recognized in the past, but many computer security experts believed that the rules of English word and sentence construction would make executing an attack through the English language impossible. Machine code requires the use of character combinations not usually seen in plain text, such as strings of mostly capital letters.
University College London security researcher Nicolas Courtis says malicious code hidden in plain language would be "very hard if not impossible to detect reliably." Mason and colleagues presented their research at the recent ACM Conference on Computer and Communications Security, but were careful to omit some of their methodology to avoid helping potential hackers.
I'd be astounded if anyone is using this method maliciously in the real world, due to the amount of engineering it took to pull off.
Refer here to read more details.
No comments:
Post a Comment