«
»

Hide virus in sounds …

I have just discovered a nice tool called arss that allows you to play with spectrogram of sound signals.
It would be very cool to use this for vx stuff.
You could for example hide the virus code in the spectrum of an audio file so the virus can be stored in an http server and then downloaded (and extracted) using a dropper to the host system …
There is no suspect traffic in this way

This entry was posted on Sunday, January 3rd, 2010 at 1:43 am and is filed under All days. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

4 Responses to “Hide virus in sounds …”

  1. herm1t says:
    January 5, 2010 at 2:45 am

    As well you may use any other (from the infinite number of possibilities) steganographic technique and when the “Trojan.Downloader” (this is how “they” call the “download and execute” software) would be blocked if you didn’t care about that (the most important) stage before. If you’ll do you may left the downloaded file unencoded or just xor it with const. )))

  2. admin says:
    January 5, 2010 at 3:12 am

    hehe you are rigth but imagine this for already compromised hosts (for example in large botnets), I think that if you download a simple .wav file with a such malicious content no ids will warn you because a pattern for such attacks doesn’t exist …

  3. Alex Gordon says:
    April 3, 2010 at 5:42 pm

    Отличное сообщение, поздравляю )))))…

    I have just discovered a nice tool called arss that allows you to play with spectrogram of sound signals. It would be very cool to use this for vx stuff…..

  4. Kylie Batt says:
    May 3, 2010 at 1:01 pm

    Дождались…

    * декларирования I have just discovered a nice tool called arss that allows you to play with spectrogram of sound signals. It would be very cool to use this for vx stuff…..

Leave a Reply