Cyber Security White Paper: DGAs in the Hands of Cyber-Criminals – Examining the State of the Art in Malware Evasion Techniques
Cyber criminals are growing more sophisticated daily, with newer techniques that challenge even the best prevention systems.
This whitepaper examines the innovations that are making these threats stealthier.
Over the last 12 months, our researchers have discovered advanced evasion techniques being used by six crimeware families. These techniques appear to be used by dozens of separate cybercrime organizations. Many of these criminal organizations continue to evade popular host- and network-based defenses. The commercial crimeware toolkits that now include domain generation algorithm (DGA) modules allow cybercriminals to tune and personalize their DGAs, enabling per-botnet DGA capabilities and offering increased resiliency against static reputation-based defensive systems.
New threat discovery techniques pioneered through joint research between our researchers, the University of Georgia and Georgia Tech have revealed the extent of this new threat. Some of the newly confirmed DGA-based crimeware families have been in operation and evading network defenses since at least November 2011. Using this new risk detection technology, as of February 2012, we've also identified up to six additional families of DGAs, which have yet to be conclusively associated with community-captured crimeware binaries.
Download and share the information in this whitepaper to learn how cyber criminals are getting smarter – and how you can beat them to the punch.