|
|
|
|
|
|
by moyix
4229 days ago
|
|
|
Oh cool, I (indirectly) have code in this, since the Volatility memory analysis framework is used to scan memory for the malware signatures. As others have noted, this is unlikely to protect against new infections, since governments will surely just check to make sure their malware isn't detected by the scanner. On the other hand, since we don't really trust corporate AV to detect state-sponsored malware, it seems like this fills a need right now, and will likely result in some organizations discovering they've been compromised by this kind of surveillance malware. So this still seems very useful right now. |
|
|