New LATENTBOT backdoor reinforces need for new approach

The recent discovery by FireEye of LATENTBOT illustrates just how complex and obscure malware-based attacks can be. The details of the technical blog post may seem complicated and obtuse, and they are, but that’s the point. The attacker uses multiple stages over email and web, with six stages of layered obfuscation across multiple types of content before anything malicious actually happens. And then the payload has its own encryption algorithm, its own command and control language, and it gives the attacker complete remote control over the computer, including the ability to wipe it completely.

LATENTBOT appears to be designed from the outset to avoid detection by legacy approaches. It confirms the need for a combination of dynamic multi-vector execution and machine learning threat intelligence to find the most sophisticated threats.

As attackers develop more sophisticated and complex attacks, you need a security partner with the technology to detect, analyze and respond to new threats before they damage your business. You need to detect these threats before your company has its secrets stolen and posted on the Internet, its customer information stolen, or its machines held for ransom or wiped by attackers. Only FireEye can provide the ability to detect and respond to these new threats as they occur in your company network.