Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hackers Serving Rootkits with Bagles

Posted by ryuzaki0 on from the worm-in-the-apple dept.

Iran Contra writes "Security researchers at F-Secure in Finland have discovered a rootkit component in the Bagle worm that loads a kernel-mode driver to hide the processes and registry keys of itself and other Bagle-related malware from security scanners. Bagle started out as a simple e-mail borne executable and the addition of rootkit capabilities show how far ahead of the cat-and-mouse game the attackers are."

6 of 150 comments (clear)

  1. Before long... by totalbasscase · · Score: 5, Funny

    Next time on Slashdot: "Bagle.GE authors sued by Sony for rootkit copyright infringement!" Honestly though, maybe we should all just start carrying around rootkits on our USB keys. Plug it into your aunt's computer, and she'll never forget your birthday again (even if she wanted to).

    --
    Fragging my father since 2004
  2. As seen on their blog page... by True+ChAoS · · Score: 5, Informative

    This has been written about before on the F-Secure security blog. There's also a nice pic of what all the different parts of bagel look like and how they interact.

    --
    WARNING: May contain traces of nut
  3. [Off topic] It's not a worm! by january · · Score: 5, Interesting

    It definitely isn't, trust me. I'm a ...biologist.

    I mean the picture, of course: http://images.slashdot.org/topics/topicworms.gif -- it is an insect larva, not a worm. To be more specific -- probably a butterfly caterpillar.

    You want to see a worm? Here -> http://www.desc.med.vu.nl/NL-taxi/ICE/C_elegans1.j pg is a nice picture of C.elegans, The Model Worm (r).

    January

  4. Mmmmm... bagels! by jtcedinburgh · · Score: 5, Funny

    Mark me OffTopic if you will (it's Friday and I'm feeling brave, so I'll take that risk), but when I first read this, I read it as:

    "Hackers Serving Rootkits with Bagels"

    ...and I started to think how cool a hacker café would be... then I got to wondering what else you might be able to order at a hacker café:

    Trojan Muffins (secret filling might bring surprise!)
    DDoS Donuts (very tasty, but eat too many and they gang up on you)
    L33t Latté (quintuple espresso with a single shot of milk)
    Keylogger Cakes (be careful, they're watching)

    ...and so on (I shall spare you the rest).

    Ah well, as they say in these parts 'ah'll get me coat'...

  5. Re:The evolving virus by january · · Score: 5, Interesting

    Agree. This will be a breakthrough, and if anything is a mystery -- then the question, why it hasn't already happened.

    Evolving computer programs -- not simple genetic algorithms, but programs that actually "thrive" on CPU time and memory, and compete for these resources -- have been already used to experimentally investigate evolution. Note that there is a serious difference between a genetic algorithm and a truly evolving program. In the former case, the fitness function is precisely defined by the programmer. In the latter, the fitness is just what it is in living organisms -- ability to pass on the genes, or code.

    Check out the web page -- http://www.msu.edu/~lenski/ -- of Richard Lenski, experimental evolutionist (bacteria in a test tube + computer), you will find a nice article on in silicio evolution on his web page. The guy has 4 Nature and 2 Science publications only on the topic of digital evolution.

    January

    j.

  6. I blogged Ubuntu LiveCD to explain to noobies by ScrewTivo · · Score: 5, Interesting

    I got so tired of explaining it over and over. Ultimate Spyware/Virus Blocker. If you think there is something I need to add or remove then please leave a comment.

    My friend is opening up a coffee shop that will have an ap. I will make some copies of Ubuntu for the customers to use.

    Now where do I find a dentist for the rootkit I received when I didn't take my own advice :)

    --
    Gizmos Gagets For Ninjas