KHOBE: New attack Which can bypasses EVERY Windows security product

Software Security Researchers at matousec.com has developed a method which can bypass protections built in to many of the most popular anti-virus products like McAfee, Trend Micro, AVG, and BitDefender.

The attack, called KHOBE (Kernel HOok Bypassing Engine) works like “bait-and-switch” style by sending a file which contains Harmless code that passes the user’s System Check and as soon as it get passed the code is swapped with malicious code. This attack works more efficiently on Multi-Core systems as in Multi-Core System one thread doesn’t monitors on other threads that are running simultaneously which makes the switch/swapping easier. As a result, the vast majority of malware protection offered for Windows PCs can be tricked into allowing malicious code that under normal conditions would be blocked.

Read More Here

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s