Spam from the Kernel: Full-Kernel Malware Installed by MPack

Discussion in 'malware problems & news' started by lucas1985, Jun 29, 2007.

Thread Status:
Not open for further replies.
  1. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Symantec's weblog
    Trojan.Srizbi Writeup
    This is the "famous" Rustock.C :'(
     
  2. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    working totally in kernel-mode
     
  3. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Unfortunately true :'( :'(
     
    Last edited: Jun 30, 2007
  4. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    How to get it, lol!
     
  5. fcukdat

    fcukdat Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    569
    Location:
    England,UK
    Last edited: Jun 30, 2007
  6. SirMalware

    SirMalware Registered Member

    Joined:
    Jun 6, 2006
    Posts:
    133
    Does not affect Windows 95, Windows 98, Windows Me

    For once I feel safe on the Internet using 98SE.
     
  7. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    I'm not sure if EP_X0FF states that the whole malware doesn't work on 9x OSes or that this rootkit can't hide itself on Win 95/98/Me, thus not being a "true" rootkit.
    LOL :D
     