Hacker News with Generative AI: Obfuscation

ScatterBrain: Unmasking the shadow of PoisonPlug's obfuscator (cloud.google.com)
Since 2022, Google Threat Intelligence Group (GTIG) has been tracking multiple cyber espionage operations conducted by China-nexus actors utilizing POISONPLUG.SHADOW. These operations employ a custom obfuscating compiler that we refer to as "ScatterBrain," facilitating attacks against various entities across Europe and the Asia Pacific (APAC) region. ScatterBrain appears to be a substantial evolution of ScatterBee, an obfuscating compiler previously analyzed by PWC.

Cybersecurity, Obfuscation, Malware Analysis, China

88 points by tux3 20 days ago | 17 comments

LLVM-powered devirtualization (thalium.re)
This work was carried out during an internship at Thalium on the subject of deobfuscation of virtualized binaries.

LLVM, Devirtualization, Software Engineering, Security, Obfuscation

245 points by dddnzzz334 88 days ago | 10 comments

Computing with Time: Microarchitectural Weird Machines (cacm.acm.org)
Microarchitectural weird machines (µWM) can be used as a powerful obfuscation engine where computation operates based on events unobservable to conventional anti-obfuscation tools.

Computer Architecture, Security, Obfuscation

135 points by rbanffy 89 days ago | 22 comments