MBR rootkit found in wild
This isn’t just any rootkit, but rather one that lives in the master boot record of your PC. That means it runs before Windows even fully boots up. It’s also at a lower level in the system than anti-virus software, which makes it quite difficult to remove. Security Fix has a good summary of what was found and where this malware probably came from.
Symantec has a technical discussion of the malware (which they call Trojan.Mebroot), now that they’ve analyzed it. Note the last line: “To help prevent similar attacks in the future, if your system BIOS includes the Master Boot Record write-protection feature, now is a good time to enable it!”
No comments yet. Be the first.
Leave a reply
