Researchers at the Sydney branch of SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have discovered a proof-of-concept virus, called W32/Gattman-A, which works in a novel way.
Unlike the majority of malicious software, which are Windows programs targeting the Windows operating system, this virus deliberately targets an analysis tool which is widely used by security researchers.
The Gattman virus spreads through the program Interactive Disassembler Pro (IDA), produced by DataRescue. IDA is one of the most popular "reversing" tools, and is used for converting the raw machine code inside program files back into human-readable source code form so that its behaviour can be analysed and understood.
Read more here.
Published Date: Jul 09, 2006 10:30 am | Updated Date: Jul 09, 2006 10:30 am