Stealth rootkit makes its debut in the real world


Antivirus researchers and microbiologists are similar in that they both have occasionally predicted the rise of a new type of malignant attack before it is actually seen in the wild. In the biological arena, the continued spread of drug-resistant bacteria would be one example of this. In the world of electrons and data, some researchers had already prophesied the rise of rootkits that would be designed to hide themselves from ordinary means of detection.

Backdoor.Rustock.A is the first such stealth rootkit found outside the environs of the antivirus lab. Although Rustock.A (or Mailbot.AZ, as the F-Secure experts are calling it) is being rated by Symantec as an easy threat containment with a low distribution level, it uses some new techniques that make it virtually impossible to detect using conventional means. Stealth rootkit makes its debut in the real world

Linked by shanmuga Tuesday, 18th July 2006 3:01AM