New MBR rootkit goes undetected

Are these rootkits only a problem for 32-bit systems
or can they now also infect vista 64-bit?

 

BluePill rootkit was developed on x64 systems only. So yes, x64 rootkits do exist (I guess)

http://northsecuritylabs.blogspot.com/2008/06/catching-blue-pill.html

also: http://bluepillproject.org/

 

Perhaps the best idea is fill your HD with security apps so there's no room for any malware!

 

I just got the RSS feed report

http://www.prevx.com/blog/131/MBR-Rootkit-reloaded.html

 

I assume if prevx is so worried about the lack of detection by other security vendors they have shared samples with the security community to combat such a "dangerous" threat....unless they are going to pull a "Dr.Web"

 

Right I can assure you I personally shared all the samples I have with all companies that asked me for them. Sure, I'm not going to hunt for every single e-mail contact inside every single company and send samples in a spam-like way If anyone from security vendors want them, just ask for them I think it's the best way for everyone

 

I think we both know about a certain place(s) where vendors meet for malware researching, makes sense to lay them out in there perhaps....I mean of course this is great that you found it and congratulations on the technical knowledge, props for being the first.... but if its something revolutionary collective intelligence is better than none.

 

As you may know, inside certain places samples are available since April So they have been always available to everyone

 

In which case I apologise since I missed that.

 

No problem at all You're more than welcome

 

No, it's vulnerable.

 

New variant of mebroot detected as vendors criticised for failing to react to threat

 

Dr.Web can neutralize all known modifications of the Backdoor.Maosboot including its latest variation discovered in May and still undefeated by any other anti-virus.

 

Interesting analysis by Sergey Golovanov at KL here.

 

... and it says so on their own website - *applause*.