Spam from the Kernel: Full-Kernel Malware Installed by MPack

Discussion in 'malware problems & news' started by lucas1985, Jun 29, 2007.

Thread Status:
Not open for further replies.
  1. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Symantec's weblog
    Trojan.Srizbi Writeup
    This is the "famous" Rustock.C :'(
     
  2. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    working totally in kernal-mode
     
  3. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Unfortunately true :'( :'(
     
    Last edited: Jun 30, 2007
  4. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,109
    Location:
    Saudi Arabia/ Pakistan
    How to get it, lol!
     
  5. fcukdat

    fcukdat Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    569
    Location:
    England,UK
    Last edited: Jun 30, 2007
  6. SirMalware

    SirMalware Registered Member

    Joined:
    Jun 6, 2006
    Posts:
    133
    Does not affect Windows 95, Windows 98, Windows Me

    For once I feel safe in the Internet using 98SE.
     
  7. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    I'm not sure if EP_X0FF states that the whole malware doesn't work on 9x OSes or that this rootkit can't hide itself on Win 95/98/Me, thus not being a "true" rootkit.
    LOL :D
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.