Newfangled Rootkits Survive Hard Disk Wiping

[Peaches]

Newfangled rootkits survive hard disk wiping

BIOS attack targets PC nether region

By Dan Goodin in San Francisco

Posted in Anti-Virus, 24th March 2009 22:17 GMT

Researchers have demonstrated how to create rootkits that survive hard-disk reformatting by injecting malware into the low-level system instructions of a target computer.

The researchers, from Core Security Technologies, used the techniques to inject rootkits into two computers, one running the OpenBSD operating system and the other Windows. Because the infection lives in the computer's BIOS, or basic input/output system, it persists even after the operating system is reinstalled or a computer's hard drive is replaced.

RegAd('mpu1', 'reg.security.4159/antivirus', 'pos=top;sz=336x280', VCs); While researchers have focused on BIOS-based rootkits for at least three years, earlier techniques generally attacked specific types of BIOSes, such as those that used ACPI, or Advanced Configuration and Power Interface. The techniques demonstrated by the Core researchers work on virtually all types of systems, they said.

The Register for full article - http://www.theregister.co.uk/2009/03/24/pe..._bios_rootkits/

Worm breeds botnet from home routers, modems

More than 100,000 hosts invaded

By Dan Goodin in San Francisco

Posted in Security, 24th March 2009 00:20 GMT

Security researchers have identified a sophisticated piece of malware that corrals consumer routers and DSL modems into a lethal botnet.

<DIV id=body> The "psyb0t" worm is believed to be the first piece of malware to target home networking gear, according to researchers from DroneBL, which bills itself as a real-time monitor of abusable internet addresses. It has already infiltrated an estimated 100,000 hosts. It has been used to carry out DDoS, or distributed denial of service, attacks and is also believed to use deep-packet inspection to harvest user names and passwords.

<DIV id=article-mpu-container> <DIV class=ad-now id=ad-mpu1-spot> RegAd('mpu1', 'reg.security.4159/front', 'pos=top;sz=336x280', VCs);

Worm breeds botnet from home routers, modems

More than 100,000 hosts invaded

By Dan Goodin in San Francisco

Posted in Security, 24th March 2009 00:20 GMT

Security researchers have identified a sophisticated piece of malware that corrals consumer routers and DSL modems into a lethal botnet.

<DIV id=body> The "psyb0t" worm is believed to be the first piece of malware to target home networking gear, according to researchers from DroneBL, which bills itself as a real-time monitor of abusable internet addresses. It has already infiltrated an estimated 100,000 hosts. It has been used to carry out DDoS, or distributed denial of service, attacks and is also believed to use deep-packet inspection to harvest user names and passwords.

<DIV id=article-mpu-container> <DIV class=ad-now id=ad-mpu1-spot> RegAd('mpu1', 'reg.security.4159/front', 'pos=top;sz=336x280', VCs);