Obfuscation Is a Common Tactic Used by Hackers to Make It Harder to Analyze Malicious Scripts and Evade Security Solutions.
What Is Obfuscation?
Obfuscation is a powerful technique used by hackers and security teams all over the world. Both parties use it for different reasons, but their goal is the same: to make the source code indecipherable and hard to understand or interpret.
Obfuscation is a technique frequently used by cybercriminals in order to make it more difficult to examine malicious scripts and to thwart security solutions.
Frequent obfuscation methods include:
- Instruction pattern transformation;
- Metadata or unused code removal;
- Subroutine reordering;
- Dummy code insertion;
- String encryption;
- Code transportation.
As noticed by BleepingComputer, the majority of these obfuscated samples seem to have similar code because they were bundled by the same packers, so their code structure appears similar even though the function is different.
At the forthcoming SecTor congress, Akamai intends to present more information on how they concentrate their detection efforts on packing techniques rather than the file code itself.
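The idea of keying detection on the packer rather than the payload can be sketched as a structural fingerprint. This is an added example, not Akamai's detection logic or code from the original article. It assumes the samples are JavaScript; the packer stub, the sample scripts and the function names `skeleton`, `fingerprint` and `similarity` are all constructed for illustration.

```python
import hashlib
import re

# Coarse JavaScript lexer: string literals, numbers, names, single-char punctuation.
TOKEN_RE = re.compile(r"""
    (?P<str>"(?:\\.|[^"\\])*"|'(?:\\.|[^'\\])*')
  | (?P<num>0[xX][0-9a-fA-F]+|\d+(?:\.\d+)?)
  | (?P<name>[A-Za-z_$][\w$]*)
  | (?P<punct>[^\sA-Za-z0-9_$])
""", re.VERBOSE)
KEYWORDS = {"var", "let", "const", "function", "return", "if", "else",
            "for", "while", "new", "typeof", "this", "try", "catch"}

def skeleton(source):
    """Keep keywords and punctuation; collapse every literal and name to a placeholder."""
    out = []
    for m in TOKEN_RE.finditer(source):
        kind, text = m.lastgroup, m.group()
        if kind == "str":
            out.append("S")
        elif kind == "num":
            out.append("N")
        elif kind == "name" and text not in KEYWORDS:
            out.append("I")
        else:
            out.append(text)
    return out

def fingerprint(source):
    """Hash of the structural skeleton; identical for scripts sharing one packer stub."""
    return hashlib.sha256(" ".join(skeleton(source)).encode()).hexdigest()

def similarity(a, b, k=4):
    """Jaccard similarity over k-token shingles of the two skeletons (0.0 to 1.0)."""
    def shingles(src):
        toks = skeleton(src)
        return {tuple(toks[i:i + k]) for i in range(len(toks) - k + 1)}
    sa, sb = shingles(a), shingles(b)
    return len(sa & sb) / len(sa | sb) if sa | sb else 0.0

# Constructed samples: two harmless scripts wrapped by the same made-up packer
# (string table + decoder function), and one plain script.
PACKED_A = 'var _0xa1=["bG9n","aGVsbG8="];function _0xb2(i){return atob(_0xa1[i-0x10]);}console[_0xb2(0x10)](_0xb2(0x11));'
PACKED_B = 'var _q9=["YWxlcnQ=","dHJhY2tlcg=="];function _zz(n){return atob(_q9[n-0x2f]);}window[_zz(0x2f)](_zz(0x30));'
PLAIN = 'function greet(name){if(name){console.log("hello "+name);}else{console.log("hello");}}greet("world");'

if __name__ == "__main__":
    print(fingerprint(PACKED_A) == fingerprint(PACKED_B))
    print(round(similarity(PACKED_A, PLAIN), 3))
```

The two packed samples carry different strings, names and offsets, yet collapse to the same skeleton, while the plain script shares almost no structure with them.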
Obfuscation Is Not All Bad
According to the report, additional investigation reveals that the technique is used in various legitimate scenarios, including:
- Websites that are attempting to hide some of their client-side code functionality;
- Code that was obfuscated by a third-party provider;
- The obfuscation of confidential data such as email addresses.