Researchers have discovered a new Windows code injection technique that attackers can leverage to hide malware. While Atom Bombing doesn’t allow downloaded files to hide from antivirus, it does allow malicious code already running on your system from getting noticed by local security scanning processes. Watch the video to learn more about Atom Bombing.
Episode Runtime: 4:48
Direct YouTube Link: https://www.youtube.com/watch?v=maFSBZR7_DQ
EPISODE REFERENCES:
- Ensilo’s Atom Bombing blog post – Ensilo
- Researcher’s technical Atom Bombing blog post – Breaking Malware
- New code injection technique can bypass malware detection – PC World
- Attackers can abuse Windows Atom Tables – Ars Technica
— Corey Nachreiner, CISSP (@SecAdept)
Leave a Reply