
Inside the "PlugX" malware with SophosLabs - a fascinating journey into a malware factory...



by Paul Ducklin on May 20, 2013


Join SophosLabs Principal Researcher Gabor Szappanos (Szappi) as he takes you on a fascinating journey into the PlugX malware factory.

This is a malware family that keeps evolving as the criminals in charge of it churn out new variants.

Just like legitimate software, malware has major version upgrades and point releases.

In this paper, Szappi looks at the recently-released Version 6.0 of the PlugX malware framework.

You'll enjoy Szappi's paper because it's not so technical as to get bogged down in researcher-only jargon, yet not so high-level as to skip over the details that help you to understand how virus writers think.

Szappi writes clearly and logically, taking apart and explaining the numerous and deliberately distinct phases in the malware's infection mechanism.

Read the complete article/paper at: http://nakedsecurity.sophos.com/2013/05/20/inside-the-plugx-malware-with-sophoslabs-a-fascinating-journey-into-a-malware-factory/



  • Root Admin

If it had been as locked down as you or some others would have it, and had been so from the start, then it would still probably be in its infancy, available only via the command line as it used to be, because if something is too complex, too locked down, or too hard to use, most users simply don't want to use it. Its wide openness is what many were attracted to, and as soon as they came up with a graphical interface it really took off even faster.

You now have espionage from governments around the world and highly advanced computer techs, so passwords mean little, as exploits are often located and used to bypass the provided security. The reality is that it is not "secure", and putting your business or personal data online does carry the risk of its being stolen sooner or later. Even what is covered under US law is often twisted by our own legal system as to who can access it legally and why, even though what one would have considered "common sense" does not apply to laws. Legal technicalities are what rule, good or bad.

They want to put all your medical records online in a national database for health, yet it's been seen and proven over and over that there are no real "secure" online locations. Sooner or later someone with enough knowledge, manpower, or trickery can overcome the security of any known system. There are certainly many other implications of this, but since this is not a political discussion I won't go there.

There is no easy answer but a draconian lock down is not it either.
