A spate of minor Cabir variants has arisen in the past few weeks. Looks like it's up to G now.
Not really of much interest except that F-Secure now has a generic detection for Cabir. Considering that most "variants" are simply the Cabir worm with a few internal strings modified it is interesting that it has taken until now.
The size of detection databases has been a point of discussion on the Win32 side for some time. It is even more relevant with regard to the relatively limited resources of smartphones. As mentioned recently, types of detections can sometime be an indication of the limitations of a given scan engine. Six to seven independent detections for highly similar variants is a bit wasteful.
Unlike certain Win32 trojans and worms, the source code for Cabir has not been made available. Lacking source code but having a number of functional descriptions it is of note that no copycat/clones of Cabir have been released. The existing variants are minor "script kiddie" alterations. Essentially, the threat is minimal and could have been handled by a generic detection around the time of the C and D variants.
Subscribe to:
Post Comments (Atom)
Protecting the ‘Metaverse ecosystem’…: Openness is healthy
Meta’s Reality Labs has an opening for “Malware Reverse Engineer” . Not an uncommon role, but this particular one is a bit more specific whe...
-
Keys can be a bother. You forget them inside the apartment, they're stuck in a pocket or bag with your arms full, or you just lose them.... -
The Internet of Things is not as complex as one would think. Smart Objects(e.g. Power meters, Fridge computers, etc.) or "Things" ...
No comments:
Post a Comment