The first thing this feature reminded me of, is those recent viruses which are capable of executing code directly from memory, so as to keep their malicious creations invisible
(PRWEB) July 31, 2012
A lot has been said about the Stuxnet & Flamer viruses, which are believed to have targeted Iran’s nuclear facilities. For the first time, a software maker tells about how those viruses helped improve its products. Last Wednesday, virtualization software producer Cameyo has announced on its blog that some of the new features currently under development were in fact inspired by the Stuxnet virus.
On his blog, the virtualization software’s author explains how mimicking the famous virus’ stealth mechanisms, helped him build a better software, with better features.
About Stuxnet, Flamer
In late 2010, the Iranian government officially admitted that their nuclear facilities were severely infected by a computer virus, believed to be the fruit of a cyber-attack. The virus, developed by a large, skilled development team, is believed to have been crafted by a foreign country’s military cyber unit. Further analysis of the virus has unraveled an extremely complex virus, with exceptional stealth abilities.
The virus' stealth mechanisms have inspired a hi-tech software company. Cameyo is the new kid in town in the field of application virtualization. One of its users’ most requested features is the ability to launch virtual apps without leaving traces on the host machine. By launching applications directly from memory, Cameyo’s virtual apps would hence be capable of executing entire Windows applications without extracting a single executable file or DLL on disk.
The product’s author took the challenge. “The first thing this feature reminded me of, is those recent viruses which are capable of executing code directly from memory, keeping their malicious creations invisible”, says Cameyoco. “I started analyzing those viruses inside-out, and reading every document I could find about them. I became so fascinated that I sometimes simply forgot to sleep!”
After quite some research, it became clear that some of the features he wanted to build for his product already existed… inside that virus. “There’s some resources and information on the Internet about doing something similar to what I wanted. However, most of it was too specific to one version of Windows. Most of the examples I found online either only worked on specific Windows versions, or only on 32-bit. Ironically, the Stuxnet virus’ mechanism was much more reliable, generic, and functional than any other technical resource I could find. I suppose it shows that this virus was really written with military quality criteria in mind”, he concludes.
About the Cameyo Stealth mode feature
The new feature, codenamed “Cameyo Stealth mode”, is currently under development and is expected for Q4 2012. The feature will bring new benefits to virtual applications:
- More mobile: by writing less files to the disk, Cameyo virtual applications become more easy to transport from one computer to another via the Cloud, DropBox, USB disk-on-key and LAN.
- Storage space: by executing directly from memory, virtual applications occupy less space on disk.
- Privacy, copyright, security: by not leaving traces on disk, virtual applications can be more easily and safely used on public and non-trusted PCs.
Cameyo is the fastest-growing application virtualization software. It brings innovation and simplicity into its field. Since its launch a year and a half ago, it has been selected by PC Magazine as best free virtualization product of 2011 and 2012. Among its most notable innovations are: online app packaging technology, one-click packaging, virtual apps public library. Cameyo’s mission is to make Windows applications easy to try, use, move and remove.
All products and services mentioned are the property of their respective companies.