Obfuscation

Disguising of program code or spam messages

Obfuscation is a technique used in both malware and spam, to disguise the content of a malicious program or of a spammed message.

In programming, the obfuscation of code to hinder reverse engineering and code changes has legitimate uses, to protect copyrights and intellectual property. In malware creation, it is generally intended to make the process of analysing the malware more difficult and time consuming. Any programming language, including both compiled and scripting languages, can be obfuscated, making it difficult to read or follow the logic and structure of the program.

In spam, obfuscation is intended to defeat automated rather than human readers. Words commonly used in spam, such as the names of popular proprietary drugs, are hidden in a way which makes it unclear to anti-spam software, but when displayed the words are easily recognisable to a human eye. The insertion of spacing, interspersal of letters with nonsense code or invisible characters, or use of patterns of colour and size are among many techniques used to create such obfuscation.

Related news articles

Security experts gather in Europe

Anti-malware insights pooled at AMTSO, CARO and EICAR meetings.

07 May 2008

  see all related news stories

Poll

Who in your company is responsible for installing software patches?
System administrators
End users
I don't know

Leave a comment
Jobs Recruit Sidebar

Malware Prevalence

Agent |##################|
Mytob |###############|
Invoice |###########|
NetSky |########|
Suspect packers |######|
 View this month's full report
Virus Bulletin currently has 148,304 registered users.