Undetectable Malware?

Discussion in 'other security issues & news' started by Antarctica, Jun 29, 2006.

Thread Status:
Not open for further replies.
  1. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    1,617
    Location:
    Canada
    A security researcher with expertise in rootkits has built a working prototype of new technology that is capable of creating malware that remains "100 percent undetectable," even on Windows Vista x64 systems.


    http://www.eweek.com/article2/0,1895,1983037,00.asp
     
  2. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    It's only undetectable at the moment! Do you really think it will remain so forever (or even for very long)?
     
  3. sosaiso

    sosaiso Registered Member

    Joined:
    Nov 12, 2005
    Posts:
    601
    It's undetectable because it hasn't made it onto the blacklists yet. That is the weakness of anti- [insert word here, i.e. viruses, trojan, malware]. They rely on signatures, AKA blacklists. If it hasn't been seen, it won't be prevented.
     
  4. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,694
    Hello,
    It's so simple. Boot from CD / DVD ... Check out for files and folders that aren't there in normal state ...
    Mrk
     
  5. emir

    emir Registered Member

    Joined:
    Dec 21, 2005
    Posts:
    61
    Mrkvonic, are you referring to something along the lines of Bart's PE, something which does not let the hard drive start up at all? Because I have read articles describing this, I can't remember where though. This is a very good point for detection, but if you don't know it's there (polymorphic/no signature) I guess you could just do this on the regular for good measure. Like if you are just that paranoid or curious or are an admin of a sensitive information database, right? So like Knoppix STD or another Linux live distro is right up this alley, huh?
     
  6. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Unless we...
    Gain control beneath the rootkit.
    Gain control before the OS.
    Have hardware detection, Intel, AMD.

    It will be interesting to see how the relationship proceeds between concept and technology.

    ...If you don't know Joanna Rutkowska's work you can check out her site/blog http://theinvisiblethings.blogspot.com/
     
    Last edited: Jun 30, 2006
  7. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,694
    Hello,
    Yes, BartPE, Helix, Knoppix, etc...
    Mrk
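
The offline-boot check suggested in the posts above (boot from BartPE, Helix or Knoppix and look for files that are not visible in the normal state), sketched as an added example that is not part of the original thread. The "size<TAB>path" listing format, the allowlist of volatile files and the sample paths are assumptions constructed for illustration.

```python
# Cross-view diff: compare a file listing taken inside the running OS with
# one taken from boot media for the same volume (added example).
from pathlib import PureWindowsPath

# Files the running OS legitimately rewrites between listings (assumed list).
VOLATILE = {r"c:\pagefile.sys", r"c:\hiberfil.sys"}

def parse_listing(text):
    """Return {normalized_path: size} from 'size<TAB>path' lines."""
    entries = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        size, path = line.split("\t", 1)
        # NTFS names are case-insensitive, so compare lower-cased paths.
        entries[str(PureWindowsPath(path.strip())).lower()] = int(size)
    return entries

def cross_view_diff(online_text, offline_text):
    """Report entries that the live OS hides or reports differently."""
    online = parse_listing(online_text)
    offline = parse_listing(offline_text)
    hidden = sorted(p for p in offline
                    if p not in online and p not in VOLATILE)
    resized = sorted(p for p in offline
                     if p in online and p not in VOLATILE
                     and online[p] != offline[p])
    return {"hidden_online": hidden, "size_mismatch": resized}

# Constructed sample listings, not taken from a real system.
ONLINE = "\n".join([
    "1024\tC:\\Windows\\System32\\drivers\\disk.sys",
    "2048\tC:\\Windows\\System32\\ntoskrnl.exe",
    "4096\tC:\\pagefile.sys",
])
OFFLINE = "\n".join([
    "1024\tC:\\WINDOWS\\system32\\drivers\\disk.sys",
    "3072\tC:\\Windows\\System32\\ntoskrnl.exe",
    "512\tC:\\Windows\\System32\\drivers\\example_hidden.sys",
    "8192\tC:\\pagefile.sys",
])

if __name__ == "__main__":
    for kind, paths in cross_view_diff(ONLINE, OFFLINE).items():
        for path in paths:
            print(f"{kind}: {path}")
```

Take the online listing immediately before rebooting into the live environment, so that files created in between do not show up as differences.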
     
  8. oopsminded

    oopsminded Registered Member

    Joined:
    Apr 18, 2006
    Posts:
    21
    Joanna Rutkowska, on http://theinvisiblethings.blogspot.com/
     
  9. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,694
    Hello,
    Negative.
    Mrk
     
  10. controler

    controler Guest

  11. controler

    controler Guest

    I knew of Joanna's invisable.org site but guess I didn't know of her blog.

    And I did make a comment about the same group from rootkit dot com hanging out at antirootkit dot com but it really makes no difference.



    controler
     