Anti-virus vendors typically use sandboxes to isolate malware that is detected by their scanning engines. But what happens if the sandbox is leaky?
That's precisely the scenario that SafeBreach co-founder and CTO Itzik Kotler and Vice President of Security Research Amit Klein detailed in a session at the Black Hat USA conference last week.
The SafeBreach duo explained how they were able to create a malicious file to trick the anti-virus engine into running the code in a supposedly isolated sandbox. As it turns out, the sandbox was leaky and the researchers were able to get information out.
Kotler and Klein provided an overview of the method in a press conference at the event.
Sean Michael Kerner is a senior editor at eSecurityPlanet and InternetNews.com. Follow him on Twitter @TechJournalist.