How Miscreants Hide From Browser Forensics

Scammers, intruders and other miscreants often aim to conceal their actions from forensic investigators. When analyzing an IT support scam, we had a story of a person posing as the help desk technician. He brought up a web page on the victim’s system to present payment form, so the person would supply contact and credit card details. He did this in a surprising manner, designed to conceal the destination URL.

Hardly a day goes by without me hearing the phrase ‘Threat Intelligence’ being used in the context of big budget enterprise protection, but recently we have been giving some thought to what this means to the home user and small business.

Most computers have (or at least, should have!) up-to-date antivirus software installed which provides a certain degree of protection and gives insight on whether a particular file, or set or circumstances, are suspicious according to vendor X (using signatures, reputation lookup and several other methods), but we’re sure there is more that the open source cyber security community can do to protect itself by leveraging fantastic free resources, such as the VirusTotal Public API

For more Information, go to our website,   www.ChairesSecurityContractorsandInvestigations.com or contact us   Todd@ChairesSCI.com or info@ChairesSCI.com