Researchers at the University of Texas at Dallas are developing Frankenstein, a new way to create malware that can essentially build itself and is nearly invisible to antivirus software. Frankenstein takes bits of code from common apps and processes — like Windows Explorer and Microsoft Calculator — and compiles them using a set of blueprints to create any type of program. In Windows Explorer alone, Frankenstein found nearly 90,000 gadgets (snippets of code that perform specific actions) in just over 40 seconds, which means that malware created by the system would have a huge number of possible variations, work quickly, and be very difficult to detect.
Frankenstein: turning legitimate software into invisible malware
Researchers at the University of Texas at Dallas are developing Frankenstein, a new way to create malware that can essentially build itself and is nearly invisible to antivirus software.
Researchers at the University of Texas at Dallas are developing Frankenstein, a new way to create malware that can essentially build itself and is nearly invisible to antivirus software.
The research was presented at the USENIX Workshop on Offensive Technologies earlier this month and highlights the need for a new approach for virus detection software, one that is able to find malware that morphs and is disguised in the trappings of legitimate code. The US Air Force partially funded the project, the findings of which may be used to influence future state-sponsored cyber attacks.
Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.
