Posts Tagged ‘Rootkit’

DeepSAFE Unique Hardware-Assisted Malware Protection

McAfee introduced a new security solution today: DeepSAFE, a security platform designed to control and block malware at the lowest level. According to the company, the platform will provide antivirus protection beneath the operating system, in a virtual layer that makes use of VT hardware-assisted virtualization. Rootkits have been changing their code and [...]

Rootkit Hunter Open-source Tool for Countering Rootkits

Rootkit Hunter is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. The tool works by using the following techniques: MD5 hash comparison: it scans the most important files and compares their MD5 hashes with known ones. Default files: scanning a lot of ‘default’ files and directories (used by rootkits), so not much time [...]

Rootkit War Zeroaccess Kills TDL3

A cyber gang has created a new way of generating income: the group is selling the TDL3 malware on different underground forums with a modified source code package that allows an infected computer to remove the TDL malware. The malware authors have created two different versions: one contains the original code and is not for sale, and another copy that [...]

Pirated Copies of Windows XP Top Rootkit Target

A study conducted by the AVAST Virus Lab has identified unpatched and pirated versions of Windows XP as the perfect target for rootkit infection. The study found that rootkits infecting via the MBR were responsible for over 62% of all rootkit infections. Driver infections made up only 27% of infections. The clear leader [...]

CloseTheDoor - Detect Network Security Holes

Remote backdoors are used by hackers to maintain access to compromised systems. Types of remote backdoors generally fall into three categories: network socket listeners, Trojans, or covert channels. CloseTheDoor is an open-source tool that can help you discover and prevent these three categories of backdoor. [...]

Utilities for Automating Rootkit Analysis

A rootkit is software that enables continued privileged access to a computer while actively hiding its presence from administrators by subverting standard operating system functionality or other applications. Rootkits use hooking techniques to intercept function calls, messages or events passed between software components by adding a special function to the top of [...]

Microsoft Fixes Stuxnet Rootkit Vulnerability

Today Microsoft released new patches for different Windows operating systems; among the vulnerabilities fixed is one that may be exploited by Stuxnet. Stuxnet is a combination of rootkit, worm and Trojan that is spreading through removable drives using the Microsoft Windows Shortcut ‘LNK’ Files Automatic File Execution Vulnerability. In a previous case Siemens AG alerted [...]
