OK, so there's been a bit of hubbub surrounding Kaspersky's experiment in abusing the sample sharing ecosystem that has evolved from the VirusTotal virus scanning portal. No surprise, just another example of another security feedback-loop that can be abused for good or ill purposes.
So, changing hats for a minute, I decided to think a little more on how you could intentionally abuse this feedback-loop if you set your mind to it. Needless to say, the opportunities for the so-inclined to mess the system up are present in abundance.
The new blog entry has been posed over at the Damballa site - Killing Antivirus, One DLL at a Time.
Is it likely that someone will do this? hell yeah! ;-)