Slashdot Mirror

← Back to Stories (view on slashdot.org)

Boot Sector Viruses & Rootkits Poised For Comeback

Posted by ryuzaki0 on from the oldies-but-goodies dept.

Ant writes "Ars Technica says Panda Labs' first quarter 2008 malware report raises a new concern, though it comes from a surprising direction. According to the company, boot sector viruses loaded with rootkits are poised to make a comeback. This honestly sounds a bit odd, considering how long it has been since a boot virus has topped the malware charts, but it's at least theoretically possible (pdf). Such viruses have a simple method of operation. The virus copies itself into the Master Boot Record (MBR) of a hard drive, and rewrites the actual MBR data in a different section of the drive. The report also covers a number of other topics and makes predictions about the types of attacks computer users may see in the future. Forecasting these trends is always tricky."

2 of 95 comments (clear)

  1. Why? by Rurik · · Score: 5, Insightful

    I wonder why a virus writer would even want to do this? Nearly all have learned that instead of wreaking havoc for fun, they can wreak havoc and make money off it. There's a reason most writers stopped writing boot sector viruses. Viruses are more fun when they can perform click-fraud, and other long-term money making actions, instead of destroying a user's computer.

  2. Virtualization complications by wheatking · · Score: 5, Insightful

    so what happens w/ all this virtualization (VMware, Xen, Microsoft/Kidaro, RingCube, Moka5,...) coming in... aren't bare metal vulnerabilities @ the hypervisor layer a bigger deal?