Philosophically Secure Eugene Kogan's blog on information security and software engineering

9 Jan 08

MBR rootkit found in wild

This isn't just any rootkit, but rather one that lives in the master boot record of your PC. That means it runs before Windows even fully boots up. It's also at a lower level in the system than anti-virus software, which makes it quite difficult to remove. Security Fix has a good summary of what was found and where this malware probably came from.

Symantec has a technical discussion of the malware (which they call Trojan.Mebroot), now that they've analyzed it. Note the last line: "To help prevent similar attacks in the future, if your system BIOS includes the Master Boot Record write-protection feature, now is a good time to enable it!"
