Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Rustock.a, The Next Generation Of Rootkits


  • Please log in to reply
1 reply to this topic

#1 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,112 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:13 AM

Posted 29 June 2006 - 09:40 PM

...Recently our lab discovered a new rootkit sample in the wild that is very unique given the techniques it uses. It was named Backdoor.Rustock.A, and because of its special characteristics it can be considered the first born of the next generation of rootkits. Rustock.A consists of a mix of old techniques and new ideas that when combined make a malware that is stealthy enough to remain undetected by many rootkit detectors commonly used (such as RootkitRevealer, BlackLight and IceSword)...So, why is Rustock.A so special?...All of the features that I have mentioned here make Backdoor.Rustock.A totally invisible on a compromised computer when installed. It even seems able to achieve all of its stealth functionality without any problems on a beta version of Microsoft Windows Vista (6.0.5270)...

symantec.com
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor

  • Topic Starter

  • Global Moderator
  • 51,112 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:13 AM

Posted 15 July 2006 - 07:47 AM

F-Secure said it has released a new version of the BlackLight rootkit scanner, Build 2.2.1041, which can detect Rustock.

techworld.com
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users