DeepLocker: How AI Can Power a Stealthy New Breed of Malware

guest · Aug 8, 2018

DeepLocker: How AI Can Power a Stealthy New Breed of Malware
August 8, 2018
https://securityintelligence.com/deeplocker-how-ai-can-power-a-stealthy-new-breed-of-malware/

The shift to machine learning and AI is the next major progression in IT. However, cybercriminals are also studying AI to use it to their advantage — and weaponize it. How will the use of AI change cyberattacks? What are the characteristics of AI-powered attacks? And how can we defend against them?

At IBM Research, we are constantly studying the evolution of technologies, capabilities and techniques in order to identify and predict new threats and stay ahead of cybercriminals. One of the outcomes, which we will present at the Black Hat USA 2018 conference, is DeepLocker, a new breed of highly targeted and evasive attack tools powered by AI.

The DeepLocker class of malware stands in stark contrast to existing evasion techniques used by malware seen in the wild. While many malware variants try to hide their presence and malicious intent, none are as effective at doing so as DeepLocker.
Click to expand...

Peter2150 · Aug 8, 2018

So how would this get on your system

itman · Aug 14, 2018

Peter2150 said: ↑

So how would this get on your system
Click to expand...

In short, you would install it yourself. A hacked installer, update, etc.. Conceptually not that different from a PUP or PUA. Also not that different from current "sleeper" malware that can be triggered on event:

In short, DeepLocker is a methodology for hiding malware within a legitimate application in a manner that would prevent any researcher or threat hunter from knowing that it is there. But DeepLocker goes further. The key to unlocking and detonating the malware is the biometric recognition of a predefined target. This means that DeepLocker malware can be widely distributed to millions of users, but it will only ever activate against the precise target or targets.

Had the Stuxnet payload been embedded in the DeepLocker methodology, it would (almost certainly) never have escaped and never been reverse-engineered. Attribution becomes almost impossible, and nation-states could deliver highly targeted attacks with a higher degree of impunity. Zero-day exploits could be employed with less certainty that defenders could reverse engineer and create defenses
Click to expand...

https://www.securityweek.com/ibm-describes-ai-powered-malware-can-hide-inside-benign-applications

EASTER · Aug 14, 2018

itman said: ↑

In short, you would install it yourself. A hacked installer, update, etc.. Conceptually not that different from a PUP or PUA. Also not that different from current "sleeper" malware that can be triggered on event:

https://www.securityweek.com/ibm-describes-ai-powered-malware-can-hide-inside-benign-applications
Click to expand...

Time Bombs. Those in my years of IT malware removal were IMO the most notorious. Especially once they determined just the right measurements of code to first infiltrate via stealth, then wedge the payload into a nice confidential hiding place with the clock ticking until triggered. A few Ransomwares made use of this "sleeper" method to spring the trap on their targets.

Peter2150 · Aug 14, 2018

itman said: ↑

In short, you would install it yourself. A hacked installer, update, etc.. Conceptually not that different from a PUP or PUA. Also not that different from current "sleeper" malware that can be triggered on event:

https://www.securityweek.com/ibm-describes-ai-powered-malware-can-hide-inside-benign-applications
Click to expand...

Thanks itman.

Log in or Sign up

DeepLocker: How AI Can Power a Stealthy New Breed of Malware

guest Guest

Peter2150 Global Moderator

itman Registered Member

EASTER Registered Member

Peter2150 Global Moderator

Log in or Sign up

DeepLocker: How AI Can Power a Stealthy New Breed of Malware

guest Guest

Peter2150 Global Moderator

itman Registered Member

EASTER Registered Member

Peter2150 Global Moderator

Useful Searches