Slashdot Mirror

← Back to Stories (view on slashdot.org)

Windows Rootkit Wars Escalate

Posted by ryuzaki0 on from the most-secure-version-of-windows-ever dept.

An anonymous reader writes "The rootkit wars have started to escalate with a rootkit named Rustock which is able to remain hidden from all the popular anti-rootkit tools. It uses some new techniques including not only putting itself in a ADS (NTFS alternate data stream) which isn't seen by normal file system enumeration tools, but even blocks ADS aware tools from seeing the stream. Works in Vista, too! Analysis in both Symantec and F-Secure blogs."

4 of 342 comments (clear)

  1. Enough is enough by Le+Marteau · · Score: 0, Troll

    Breaking into a computer should be considered as serious as breaking into one's home. Enough of the "kids will be kids" stuff, and lets have our government go after the zombie masters as the scum that they are: invaders into our lives and our stuff.

    --
    Mod down people who tell people how to mod in their sigs
  2. Re:T-minus 3... 2... 1... by not+already+in+use · · Score: -1, Troll

    And go! Aww crap, the windows apologists beat me to the punch. Whether or not it's possible for a rootkit to go completely undetected on OSX, there's no denying that it hasn't happened yet, and thus, I don't have to deal with it. Not fanboy speak, just reality.

    --
    Similes are like metaphors
  3. Are you kidding? by JonTurner · · Score: -1, Troll

    >>lets have our government go after the zombie masters as the scum that they are: invaders into our lives and our stuff.

    Good luck with that. The US government can't even persue terrorists who kill American citizens without inviting substantial criticism. If they can't arrest cold-blooded killers you think they're going to be able to round up computer geeks?

    Maybe the UN can take care of this. (trying to supress a chuckle)

  4. Re:Security doesn't start at rootkit detection by Bryansix · · Score: 0, Troll

    While you are correct about 99% of of infections about 1% come just connecting to the internet. Remember that there was a time when MS did not have a patch out and you could get a virus just by being online. In addition holes in IE allow machines to be infected simply by surfing onto legitimate websites that have been compromised on the backend.