Malware development trick - part 35: Store payload in alternate data streams. Simple C++ example
Malware Analysis, News and Indicators - Latest topics malware.news
﷽
Hello, cybersecurity enthusiasts and white hackers!
Today's post is the result of my own research on another popular malware development trick: storing malicious data in alternate data streams (ADS), and how adversaries use it for persistence.
alternate data streams
Alternate Data Streams allow for multiple data “streams” to be associated with a single filename, a capability that can be used to store metadata. While this feature was designed to support Macintosh Hierarchical File System (HFS) which uses resource …