Rootkit for Win7 and Vista !!!

Discussion in 'malware problems & news' started by CloneRanger, Mar 21, 2010.

Thread Status:
Not open for further replies.
  1. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    NOTICE

    RE - Rootkit for Vista and Win7 !!! https://www.wilderssecurity.com/showthread.php?t=268042

    Even though my original thread had a screenie of the RK's features etc. from the author's website, with non-clickable links etc., it was felt that too much information was still contained within it. So I've remade this new thread without that info.

    If this, and possibly others to come, start being utilised from now on, which is what they are intended for, then there could be BIG problems. So just please be aware that Nothing is 100% safe, or probably ever will be.

    Whistler Bootkit a new powerful windows bootkit

    http://blog.novirusthanks.org/2010/02/whistler-bootkit-a-new-powerful-windows-bootkit/
     
  2. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Nothing really new here. The original was free (open source project) to download for anyone interested in the loader. Whistler is simply just a re-hash.
     
  3. pandlouk

    pandlouk Registered Member

    Joined:
    Jul 15, 2007
    Posts:
    2,572
    Is it based on the mbr Stoned Bootkit?
     
  4. stackz

    stackz Registered Member

    Joined:
    Dec 27, 2007
    Posts:
    621
    Location:
    Sydney Australia
    Yes, it's just a rip-off of Stoned Bootkit.
     
  5. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    @Meriadoc

    Let's hope you're right :D Sounded like there was though !

    Yeah I know Whistler is simply just a re-hash of the Stoned Bootkit, but even so those RK boys and girls aren't script kiddies anymore, so who knows what they might be able to do with it ?

    It did say a 64 Bit version was planned, in which case that could make it more lethal :ouch:

    Guess we'll soon see, one way or the other.
     
  6. webster

    webster Registered Member

    Joined:
    Feb 23, 2004
    Posts:
    285
    Location:
    Denmark
    I am not sure, but if this operates in the part of the kernel where security programs are not allowed to operate, I guess we are all doomed :'(. If it gets in, it is there until you reformat.
     
  7. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    What hidden place would that be?
    Is it creating its own Hidden/Host Partition/Protected Area?
    Or, is it using the space set aside for replacing bad sectors?
     
  8. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    @Searching

    Don't know, but I'd like to.
     