In March this year experts at the US based security firm Sentinel Labs discovered a cutting edge code of the type generally associated with state sponsored Cyber Weapons. This Malware named “Gyges” has the potential of percolating into the commercial malware wielded by cyber criminals the world over.
Gyges uses comparatively intricate and esoteric methods to overwhelm sandboxing and security products that run or imitate alleged malware to figure out what it does. It also contains code that makes it difficult to reverse engineer or debug some of its internal workings.
According to the official report filed by Sentinel Labs Gyges also includes sophisticated components for data exfiltration, keylogging and eavesdropping of targeted networks . Gyges further uses what the Sentinel Labs calls a hooking bypass ‘logic bug’ in Windows 7 and 8. The sort of rare exploit normally invidiously protected by the perpetrators who write government sponsored malware.
Official Report of Sentinel Lab