Object-Oriented Malware — Some Dude Says
I work in a security position, and one thing I have heard a lot of confusion about is the newer generations of infections and why even the latest machine-learning and AI-based AV solutions cannot detect some of them. I am not aiming to do a thorough technical teardown of any of these threats; there are labs with better resources and more expertise that can do a far better job than I could hope to at this point (a tremendous amount of work goes into tearing an infection apart). In short, this is a high-level introduction to the basics of what I am terming Object-Oriented Malware, for lack of a better term, explaining some of how it works and why it is so effective at cutting through security solutions.
What Does Object-Oriented Mean?
When it comes to programming, one of the most popular techniques is object-oriented programming. To simplify this as much as possible (so excuse any technicalities if you have programmed before), this basically means you make objects that contain both data and the functionality that operates on that data. Concepts like encapsulation, inheritance and polymorphism mean that objects can encapsulate their own data and provide, or not provide, ways to interface with that internal data, and that objects can be defined like cat and dog, which are derived from animal and can be used anywhere an animal is expected, which can then have…
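The three ideas named above, encapsulation, inheritance and polymorphism, in working code. This is an added example using the cat/dog/animal hierarchy the text mentions; it is not code from the original post, and the class and method names (`Animal`, `Cat`, `Dog`, `speak`, `roll_call`) are assumptions chosen here for illustration. The point worth noticing is the last function: it is written once against the base type and works unchanged for any concrete type added later, which is what lets a component behind a fixed interface be swapped without touching the code that calls it.

```python
from __future__ import annotations

from abc import ABC, abstractmethod


class Animal(ABC):
    """Base type: owns encapsulated state and declares the interface.

    Hypothetical example class; not from the original article.
    """

    def __init__(self, name: str) -> None:
        # Double-underscore attributes are name-mangled by Python, so callers
        # and subclasses cannot reach them by accident; the only way in is the
        # read-only properties below (this is the "provide, or not provide,
        # ways to interface with internal data" part).
        self.__name = name
        self.__sounds_made = 0

    @property
    def name(self) -> str:
        return self.__name

    @property
    def sounds_made(self) -> int:
        return self.__sounds_made

    @abstractmethod
    def sound(self) -> str:
        """Each concrete animal supplies its own implementation."""

    def speak(self) -> str:
        # Shared behaviour lives in the base class; sound() is resolved on the
        # concrete type at call time (polymorphic dispatch).
        self.__sounds_made += 1
        return f"{self.__name} says {self.sound()}"


class Cat(Animal):
    def sound(self) -> str:
        return "meow"


class Dog(Animal):
    def sound(self) -> str:
        return "woof"


def roll_call(animals: list[Animal]) -> list[str]:
    """Written once against Animal; never needs to change when a new subclass appears."""
    return [a.speak() for a in animals]


if __name__ == "__main__":
    zoo: list[Animal] = [Cat("Tom"), Dog("Rex")]
    print(roll_call(zoo))

    # Encapsulation: the mangled attribute is not reachable under its declared name.
    print(hasattr(zoo[0], "__name"))

    # A type defined after roll_call was written still works with it.
    class Cow(Animal):
        def sound(self) -> str:
            return "moo"

    print(roll_call([Cow("Bess")]))
```

Trying to instantiate `Animal` directly raises `TypeError` because `sound` is abstract; that is the interface contract being enforced rather than merely documented.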