Showing results for tags 'obfuscation'.




Found 1 result

  1. I had an interesting idea: What about protecting Malwarebytes components, through an experimental extension to the Chameleon system, using all of the same tricks that Malware itself often uses for self-defense, plus a few more I thought of myself? Packers, multiple forms of obfuscation, dummy processes and registry keys, code virtualization (using a Cryptographically-secure Pseudo-RNG), dynamic recompilation, active boobytraps, maze-like FileSystem/Registry setup, modular/cross-OS component installation, Isolated/Encrypted "Mini-Pagefiles", the works. You could also go a step further in reliability by using the .NET Core runtimes instead of the traditional .NET framework, in order to prevent damaged or out-of-date .NET framework components on your system from being an obstacle to the program functioning correctly, and you could probably also use cloud-accelerated machine learning to perform extensive low-level optimizations of the compiled code. Maybe peer-to-peer cloud integrations should be implemented too (as an in-house, online-backed equivalent to Windows Resource Protection), as well as a secure and low-profile means for all of these protection systems, decoy processes, and such to communicate with each other without revealing their identities to outside programs (hard-coded asymmetric encryption, for example), that way they will know what to do whenever it's time to update, uninstall, perform a repair, change settings (as requested by the user), and so forth. And then of course, there's the idea of a built-in (and heavily encrypted) counterpart to the HOSTS file for reaching official Malwarebytes servers/services, along with internally enforcing the use of IPv6, DNSSEC, HTTP/3, and/or a combination VPN/Proxy on any connections directly between the Malwarebytes servers and MBAM components. When taken all together, this could mitigate tampering, reverse-engineering, targeted attacks, and so on. And who knows? Maybe this could even prevent a second coming of the IOBit incident... Any thoughts on this? If so, then please share them below. 🦊 P.S.: If you want more details on what I mean by a maze-like setup with the FileSystem and Registry, then just send me a private message. My precise concept is still extremely work-in-progress, and highly confidential, but it does involve mixing back-up components with decoy files, along with some additional boobytraps of my own design.