|
Honeypots
mailing list archives
Re: Stealth VM
From: "Thorsten Holz" <thorsten.holz () gmail com>
Date: Mon, 10 Nov 2008 22:09:45 +0100
Hi Robert,
On Mon, Nov 10, 2008 at 4:33 PM, Robert Sandilands
<rsandilands () authentium com> wrote:
If you can provide a better unbiased view of current threats I would
love for you to tell the world about it. Whatever the limitations of the
Wildlist may be, it is the best unbiased view we have on the threats out
there. It is easy to criticize something and I think the Wildlist has
become a popular project to criticize, but I have yet to hear of any
viable alternatives.
I did not criticize the Wildlist, I just pointed out that the malware
samples that are currently on the Wildlist (lots of online gaming
stealers and IRC bots) commonly do not contain VM detection mechanisms
in my experience. Thus I don't believe your claim that "The majority
of Wildlist samples will not work in VMWare."
Cheers,
Thorsten
 By Date 
By Thread
Current thread:
- Re: Stealth VM, (continued)
|
Intro
