The Dissection of a Rootkit
By Lisa Vaas | Posted 2007-02-23
F-Secure Security Labs' new paper takes apart the dangerous and stealthy rootkit and tells us how helpless we now are against this increasingly popular form of attack.
Security analysts predict that kernel rootkits, which cloak their activity by replacing a portion of a program's software kernel with modified code, will continue to grow in frequency in 2007.
While rootkit-fighting technologies such as the PatchGuard kernel protection system built into 64-bit versions of Microsoft's new Windows Vista operating system are arriving, most PC users will still be left open to the attacks over the next twelve months, CA has said, and even experienced PC users are vulnerable to their sophisticated techniques.
F-Secure Security Labs has been tracking and dissecting kernel malware for years; this form of attack was first spotted as far back as 1999, in the form of the WinNT/Infis attack.
Read the full story on eWEEK.com: The Dissection of a Rootkit.