Slashdot Mirror


Hackers Serving Rootkits with Bagles

Iran Contra writes "Security researchers at F-Secure in Finland have discovered a rootkit component in the Bagle worm that loads a kernel-mode driver to hide the processes and registry keys of itself and other Bagle-related malware from security scanners. Bagle started out as a simple e-mail-borne executable and the addition of rootkit capabilities shows how far ahead of the cat-and-mouse game the attackers are."

1 of 150 comments

  1. As seen on their blog page... by True+ChAoS · Score: 5, Informative

    This has been written about before on the F-Secure security blog. There's also a nice pic of what all the different parts of Bagle look like and how they interact.

    --
    WARNING: May contain traces of nut