
Published February 01, 2023. Updated February 01, 2023.

Neutralize malware with reverse engineering

Cybersecurity workers are using it more and more

The possibilities of a digital world are immense. As technology develops, more and more new services are offered, and malicious actors now take advantage of those same channels to attack institutions and businesses. As protection against viruses and malware improves, attackers find other ways to infect computers and mobile devices. For the cybersecurity industry, the job is to keep up with these trends and to understand each threat before it spreads too far.

IT security firms are therefore asking one skill in particular of future engineers: reverse engineering. Kaspersky, a leader in the field, has launched training courses to build that expertise: in its survey, 45% of respondents asked for courses in reverse engineering, and a reverse engineering module has been offered among its courses since December 2022.

Analyzing Threats

First, the principle. Reverse engineering is a technique for extracting knowledge about the design of an object, whether an airplane, a phone, or an app. In cybersecurity, engineers analyze malware in order to understand how it works, what its purpose is, and so on. With that information, it becomes easier to develop a defense against the malware in question.

Easy? Yes and no, since these programs are often far from simple. A sample cannot be reverse engineered until it has been discovered, and it can be difficult to grasp the commands that lead to the infection and the damage it causes. Typically, specialists place the sample in a sandbox to observe how it behaves. The process usually runs as follows:

  1. They obtain a sample of the malware
  2. They perform a static analysis (without running the software: hashes, strings, headers, entropy)
  3. Then comes a dynamic analysis (the sample is run in an isolated environment and its behavior observed)
  4. The code is disassembled, decompiled, and analyzed
  5. The results are documented and a report is created
  6. The report is shared with security organizations and researchers so that protections can be developed
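To make the static-analysis step concrete, here is an added example (not code from the article, nor from any of the tools it names) that performs a first triage of a sample without running it: it hashes the file, measures per-window entropy to spot packed or encrypted regions, extracts printable strings the way the `strings` tool does, and pulls out indicators (URLs, IP addresses, suspicious Windows API names) that feed the report in step 5. It runs offline on `SAMPLE`, a constructed byte blob standing in for a malware file; the URL and IP inside it are documentation-only values and `SUSPICIOUS_APIS` is an illustrative subset chosen for this example.

```python
"""Static triage of an unknown binary: hash, entropy profile, strings, IOCs.

Added example. SAMPLE is a constructed stand-in for a malware file, not a real
sample, so the whole script runs offline.
"""
import hashlib
import math
import random
import re
from collections import Counter

# --- Constructed sample (NOT a real malware file) ---------------------------
# A short cleartext region, as a packer often leaves behind (DOS stub text,
# imported API names, a command-and-control URL on a documentation-only IP
# range), followed by 4096 pseudo-random bytes that mimic a packed payload.
_rng = random.Random(20230201)
_PACKED_REGION = bytes(_rng.getrandbits(8) for _ in range(4096))
SAMPLE = (
    b"MZ\x90\x00" + b"\x00" * 60
    + b"This program cannot be run in DOS mode.\x00"
    + b"kernel32.dll\x00CreateRemoteThread\x00VirtualAllocEx\x00WriteProcessMemory\x00"
    + b"http://203.0.113.7/gate.php\x00"
    + b"\x00" * 256
    + _PACKED_REGION
)

# Windows APIs frequently seen in process-injection code; illustrative subset.
SUSPICIOUS_APIS = {
    "CreateRemoteThread", "VirtualAllocEx", "WriteProcessMemory",
    "NtUnmapViewOfSection", "SetWindowsHookExA", "WinExec", "URLDownloadToFileA",
}

_URL_RE = re.compile(r"https?://[^\s\"'<>]+")
_IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def sha256_hex(data: bytes) -> str:
    """SHA-256 of the sample: the identifier shared with other researchers."""
    return hashlib.sha256(data).hexdigest()


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 for a constant, 8.0 for uniform."""
    if not data:
        return 0.0
    counts = Counter(data)
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in counts.values())


def entropy_profile(data: bytes, chunk: int = 512):
    """Entropy of each fixed-size window; packed/encrypted regions stand out."""
    return [(off, shannon_entropy(data[off:off + chunk]))
            for off in range(0, len(data), chunk)]


def extract_strings(data: bytes, min_len: int = 6):
    """Printable-ASCII runs of at least min_len bytes, like the `strings` tool."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.group().decode("ascii") for m in re.finditer(pattern, data)]


def extract_iocs(strings):
    """Pull network indicators and suspicious API names out of the strings."""
    urls, ipv4, apis = set(), set(), set()
    for s in strings:
        urls.update(_URL_RE.findall(s))
        ipv4.update(_IPV4_RE.findall(s))
        apis.update(name for name in SUSPICIOUS_APIS if name in s)
    return {"urls": sorted(urls), "ipv4": sorted(ipv4),
            "suspicious_apis": sorted(apis)}


def triage(data: bytes) -> dict:
    """One-shot static triage report for a sample, ready to paste into notes."""
    profile = entropy_profile(data)
    strings = extract_strings(data)
    peak = max((e for _, e in profile), default=0.0)
    return {
        "sha256": sha256_hex(data),
        "size": len(data),
        "entropy": round(shannon_entropy(data), 3),
        "peak_window_entropy": round(peak, 3),
        # Heuristic: a window near 8 bits/byte usually means packing or
        # encryption, i.e. the code must be unpacked (step 3) before step 4.
        "likely_packed": peak > 7.0,
        "iocs": extract_iocs(strings),
        "string_count": len(strings),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(f"{key}: {value}")
```

On the constructed sample the report flags the high-entropy tail as likely packed, which tells the analyst that the disassembly in step 4 will only be meaningful after the payload has been unpacked, typically by letting it run in the sandbox of step 3 and dumping memory. The extracted URL, IP address and injection-related API names go straight into the indicators section of the report.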

Reverse engineering raises an interesting ethical question, since some consider it unethical: with this knowledge it may be easy to create even more dangerous software. However, the security community uses it more and more, because it lets defenders apply the same strategies as the attackers, who themselves analyze operating systems to find flaws in each version.

Applications available for everyone

So the cybersecurity sector uses reverse engineering applications. One of the most popular is Ghidra, a free, open-source tool developed by the US National Security Agency (NSA). It disassembles and decompiles the binary code of malware to make it easier to understand. The agency made the software available to the general public in 2019, so anyone curious can use it to deconstruct a binary file. There are other solutions as well, such as ImHex, AndroGuard, Radare2, and Binsec.

This growing use of reverse engineering is forcing even attackers to change their approach. In 2022, for example, the TrickBot Trojan was updated to try to crash the machines of researchers attempting to analyze it. The more engineers counter malware, the less money its creators can make, among other things through ransomware and by blocking businesses. The future of cybersecurity, and of the threats it faces, will therefore depend in part on reverse engineering.

Photo credit: en.depositphotos.com

References:

Bates, Kryzts. "Understanding Reverse Engineering Concepts." Gamingdeputy France. Last updated: January 17, 2023. https://www.gamingdeputy.com/fr/comprendre-les-concepts-de-retro-ingenierie/.

"Binsec." CEA-List. Last updated: June 3, 2022. https://list.cea.fr/fr/page/binsec-lanalyse-de-code-binaire-pour-la-securite/.

EC-Council. "A Quick Guide to Reverse Engineering Malware." Cybersecurity Exchange. Last updated: October 11, 2022. https://www.eccouncil.org/cybersecurity-exchange/ethical-hacking/malware-reverse-engineering/.

Fox, Neil. "How to Use Ghidra to Reverse Engineer Malware." Varonis. Last updated: May 24, 2022. https://www.varonis.com/fr/blog/how-to-use-ghidra.

Jenifa, Ashlin. "9 Best Reverse Engineering Tools For Security Professionals." Geekflare. Last updated: December 13, 2022. https://geekflare.com/fr/best-reverse-engineering-tools/.

"Kaspersky Has Launched a New Online Cybersecurity Training 'Reverse Engineering 101'." Financialpost. Last updated: December 21, 2022. https://financialpost.com/globe-newswire/kaspersky-has-launched-a-new-online-cybersecurity-training-reverse-engineering-101.

"Kaspersky Research Finds Reverse Engineering Is the Most On-Demand Skill Among InfoSec Specialists." Dark Reading. Last updated: December 21, 2022. https://www.darkreading.com/operations/kaspersky-research-finds-reverse-engineering-is-the-most-on-demand-skill-among-infosec-specialists-in-2022.

Osborne, Charlie. "Trickbot Will Now Try to Crash Researcher PCs to Stop Reverse Engineering Attempts." ZDNET. Last updated: January 26, 2022. https://www.zdnet.com/article/trickbot-will-now-try-to-crash-researcher-pcs-to-stop-reverse-engineering-attempts/.

Smith, Amily. "Malware Reverse Engineering And How It Works." Download.zone. Last updated: January 2, 2023. https://download.zone/malware-reverse-engineering/.
