We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Hacker hides browser-busting code

New software evades detection

Hackers are developing new software that will help hide browser attack code from some types of security software.

The software, called VoMM (eVade o’ Matic Module), uses a variety of techniques to mix up known exploit code so as to make it unrecognisable to some types of antivirus software.

Using these techniques, VoMM "can create an endless number of variants of an exploit", said Aviv Raff, one of the developers behind the project.

"It aims to provide several techniques out of the box to make browser exploits (mostly) undetectable," according to a blog posting by one of the project's founders, a hacker going by the name of "LMH".

The software uses server-side scripting technology to create new versions of the exploit code, which then get delivered to browser users when they visit the attacker's website. By making a number of cosmetic changes to the code that do not affect its functionality, VoMM creates a new version of the malicious software that cannot be detected by "signature-based" techniques.

Signature-based antivirus products analyse known malware and then create a digital fingerprint that allows the antivirus software to identify malicious code. By adding extra components - tabs and spaces, and random comments and variable names - that are not included in known signatures, VoMM creates software that can evade detection.

The VoMM code is expected to be included in a new module for the upcoming 3.0 version of the widely used Metasploit hacking toolkit, Raff said. Metasploit developer HD Moore is also developing the VoMM software.


IDG UK Sites

Amazon Kindle Voyage release date, price and specs UK: a high-end eReader with Amazon’s best-ever...

IDG UK Sites

Why local multiplayer gaming is rapidly vanishing: we look at the demise of split-screen and LAN...

IDG UK Sites

How to successfully bridge the gap between clients and creatives

IDG UK Sites

How to update your iPhone or iPad to iOS 8: including how to install iOS 8 if you don't have room