January 04, 2012

Anti-virus virus

The Japanese government collaborated with Fujitsu to create a virus which detects malware and collects info on the hackers. A virus on a virus?

This is the technical schematic:

I see a few problems with it:

  • As we all know, most malware and attacks are distributed through uninvolved 3rd parties. Obviously the "fight back" mechanism is going to affect these bystanders rather than the actual attackers. There are of course tools that can be developed to try and track the actual source of the attack, but I don’t see a reason to distribute them as a virus at end-points rather than take a honey-pot approach. I remember that back in the late 90s, there was a trend of "fight back", mainly trying to automatically break into the computer that sent an attack (or allegedly sent an attack) and take it down (or DDoS it). It quickly turned out to be a disaster in terms of going after the wrong people.
  • Deliberately introducing viral code into end-points is one of those things that will only end in tears. Any misconfiguration or vulnerability in the "protection" code will allow attackers to efficiently introduce their code into each end-point in the organization.


