RSA Admin

The Malware Factory and Massive Morphing Malware

Blog Post created by RSA Admin Employee on Mar 26, 2014

All, attached is a paper in PDF format that describes a real-world instance of the Malware Factory in action, as it pertains to a prior post on the Zusy Botnet Beaconing detection here. What makes this significant is that the theoretical idea that malware could constantly change itself has now been proven to exist in the wild.

 

If you rely on hash-based detection capabilities and solutions to find malware, you will not be able to detect this threat.

 

Thanks to Christopher Elisan and Ahmed Sonbol of RSA FirstWatch for their insightful analysis and thanks to Jason Rader for his insight and editing!
