Microsoft Malware Protection Center

Threat Research & Response Blog

October, 2010

  • Prehistoric Virtual Machines

    When people in the industry talk about intentional obfuscation using virtual machines, (note that these are not the same virtual machines as Virtual PC or VMware, but rather it's a technical term that was in use long before these products came into existence), the two examples that are most likely to come to mind are VMProtect and Themida.  Both of them have been around since about 2004, only six years ago.   I'm trying to choose my terms carefully here, because by their nature, virtual...
  • i can haz flaming recon pls?

    If you play Halo, you probably know that the Recon Armor is a rare armor variant that is only available to the makers of Halo, Bungie, and players who have unlocked all Vidmaster challenges in previous versions of the game. With the recent release of Halo: Reach, a lot of users are looking for free means to get hold of this armor for their game play. Apparently, malware writers also took notice of this opportunity to distribute malware masking as code generators for the flaming recon helmet and Halo...