The following Infocus technical article was published on SecurityFocus
today:
Malicious cryptography, part 1
This two-part article series looks at how cryptography is a double-edged
sword: it is used to make us safer, but it is also being used for
malicious purposes within sophisticated viruses. Part one introduces the
concepts behind cryptovirology and offers examples of malicious
potential with the SuckIt rootkit and a possible SSH worm. It then
introduces armored viruses that use shape shifting (polymorphism and
metamorphism) to avoid detection.
By Frederic Raynal
2006-05-08