CARO On Packers and Obfuscators
Last week several SophosLabs staff attended the 2nd International CARO workshop to discuss packers and obfuscators and how the anti-malware industry is dealing with them.
It was interesting to see the various approaches that vendors are exploring and employing to deal with difficult packer and obfuscator technology in the anti-malware arena.
Sophos has been actively detecting a wide range of “dodgy” packers and obfuscators (Mal/Packer and Mal/EncPk-) since about September 2006 with good results.
Boris’s presentation on Virtualization Packers gave much insight into the difficulties of packers like Themida and the possible shortcuts that can be used to factor the problem into a more manageable one for the endpoint.
Overall the conference was a great success, allowing the industry as a whole to develop new ideas to protect its customers from the malware threats of today.
Posted on May 10th, 2008 by Pete, SophosLabs AU
Filed under: General