How Attackers Thwart Malware Investigation

... attackers have also focused on making defenders pay dearly for gathering digital intelligence on their attacks: From domain-name generation to more subtle code obfuscation, attackers are adopting techniques to raise the cost to defenders of detecting attacks, analyzing malware and gathering intelligence.

This is not new. We've been doing this (on the attack side of the fence) for many years. However, real attackers are getting really good at finding very clever ways to obfuscate what they are doing.

One of the techniques we often use is having one very noisy attack malware roaming the target network, attracting all the attention, building their logs, setting off all the alarms, etc. Meanwhile, a secondary, stealthier attack program performs the actual collection and extraction of information.

It's an interesting article.