10 May 2008 06:50 GMT
CARO On Packers and Obfuscators
Last week several SophosLabs staff attended the 2nd International CARO workshop to discuss packers and obfuscators and how the anti-malware industry is dealing with them.
It was interesting to see the various approaches vendors are exploring and employing to handle hard-to-analyse packer and obfuscator technology in the anti-malware arena.
Sophos has been actively detecting a wide range of dodgy packers and obfuscators (Mal/Packer and Mal/EncPk-) since about September 2006 with good results.
Boris's presentation on Virtualization Packers gave much insight into the difficulties of packers like Themida and the possible shortcuts that can be used to factor the problem into a more manageable one for the endpoint.
Overall the conference was a great success, allowing the industry as a whole to develop new ideas to protect its customers from the malware threats of today.
Pete, SophosLabs AU
