Skip to main content

Memory scraping malware goes after encrypted private information

posted onFebruary 23, 2011
by hitbsecnews

What's "pervasive memory scraping" and why is it considered by SANS Institute security researchers to be among the most dangerous attack techniques likely to be used in coming the coming year?

Simply put, pervasive memory scraping is used by attackers who have gained administrative privileges to successfully get hold of personally identifiable information (PII) and other sensitive data held encrypted in a file system, according to Ed Skoudis, senior security consultant at InGuardians who is also an instructor at SANS events. Evidence of this attack is coming up again and again in data-breach cases, he said.

"Data is encrypted in a file system where it's stored," said Skoudis, who joined with Johannes Ullrich, chief research officer at SANS Technology Institute, to speak at the RSA Conference last week on dangerous attack techniques that appear to be on the rise. Though stored encrypted, the data has to be processed by some application and "if you're processing that data it will be processed in that system unencrypted," Skoudis pointed out.

Source

Tags

Viruses & Malware

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th