Obfuscation: There Are Two Sides To Everything
2024-08-01 11:07

Obfuscation is the technique of intentionally making information difficult to read, especially in computer coding.

Other methods of obfuscation include compressing the entire program, making the code unreadable, and changing the control flow to create unstructured, difficult-to-maintain logic.

The goal of obfuscation is to anonymize cyber attackers, reduce the risk of detection, and hide malware by changing the overall signature and fingerprint of the malicious code - even if the payload is a known threat.

Signatures are very often hashed, but they can also be another short representation of a unique code within a malware element.

Obfuscation in the code is, as we have seen, only the first step: no matter how much work the hacker puts into obfuscating the code to bypass EDR, the malware must still communicate within the network and with the outside world to be "successful".

A common obfuscation method is Exclusive OR (XOR). This method hides data in such a way that it can only be read by people who XOR the code with 0x55. ROT13 is another trick, in which letters are replaced according to a simple substitution code.
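
Single-byte XOR and ROT13 change a payload's hash, but both are trivially reversible, so a scanner can search for a known string under every such encoding instead of relying on the hash alone. The Python sketch below is an added example, not part of the original article; the indicator string, the sample data and all function names are constructed for illustration.

```python
import hashlib
import string

# Constructed sample data: a harmless marker standing in for a known indicator.
INDICATOR = b"example-indicator.invalid/beacon"
PLAIN = b"config: url=https://" + INDICATOR + b" interval=60"

_LOWER, _UPPER = string.ascii_lowercase, string.ascii_uppercase
_ROT13 = bytes.maketrans(
    (_LOWER + _UPPER).encode(),
    (_LOWER[13:] + _LOWER[:13] + _UPPER[13:] + _UPPER[:13]).encode(),
)

def xor_bytes(data: bytes, key: int) -> bytes:
    """XOR every byte with one key byte; applying it twice restores the input."""
    return bytes(b ^ key for b in data)

def rot13(data: bytes) -> bytes:
    """Rotate ASCII letters by 13 places; all other bytes pass through."""
    return data.translate(_ROT13)

def sha256_hex(data: bytes) -> str:
    """Hex SHA-256 digest, standing in for a hash-based signature."""
    return hashlib.sha256(data).hexdigest()

def find_indicator(blob: bytes, indicator: bytes) -> list[str]:
    """Report every encoding (plain, single-byte XOR, ROT13) under which
    the indicator occurs in the blob."""
    hits = []
    for key in range(256):
        # Encode the short indicator per key instead of decoding the whole blob.
        if xor_bytes(indicator, key) in blob:
            hits.append("plain" if key == 0 else f"xor:0x{key:02x}")
    if rot13(indicator) in blob:
        hits.append("rot13")
    return hits

if __name__ == "__main__":
    samples = [("plain", PLAIN),
               ("xor 0x55", xor_bytes(PLAIN, 0x55)),
               ("rot13", rot13(PLAIN))]
    for name, blob in samples:
        digest = sha256_hex(blob)[:16]
        print(f"{name:9} sha256={digest}... hits={find_indicator(blob, INDICATOR)}")
```

Each of the three samples has a different SHA-256 digest, yet the encoding-aware search finds the same indicator in all of them and reports which encoding hid it.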


News URL

https://thehackernews.com/2024/08/obfuscation-there-are-two-sides-to.html