The IT Nerd

Security researchers at Symantec published a technical report today on a new malware loader tracked as Verblecon, which has escaped detection due to the polymorphic nature of their code. In other words, it changes itself to evade your typical antivirus product. The malware has been observed being used in attacks that install cryptocurrency miners on compromised machines.

Chris Olson, CEO of The Media Trust, had this to say:

 “Polymorphic techniques are just another way to hide malicious intentions, along with checks for security tools and live environments. What’s interesting is this attack provides another example of how the risks of Web 2.0 are being replicated in Web 3.0. Today’s embryonic beginnings of Web 3.0 are eerily reminiscent of the Web as it existed in the 1990s, showing sporadic signs of vulnerability that may well foreshadow a future era of cyber chaos. To prevent that from happening, we must learn from our past mistakes. Today’s digital ecosystem is riddled with threats because Web 2.0 was not designed for cybersecurity from the outset. Untrusted third parties were allowed to proliferate, leading to phishing attacks, malicious advertising, rampant data privacy abuse and other threats that are hard to fix in the present. With Web 3.0, we have a chance to account for potential attack vectors by design – otherwise, the same issues will replicate themselves with greater potency than ever.”

Symantec appears to currently protect their users from this threat. But one wonders how long that will be the case. And I honestly don’t want to take any bets on that.

This entry was posted on March 29, 2022 at 3:32 pm and is filed under Commentary with tags Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.