Your computer is now stoned (...again!)

2008-04-01

Elia Florio

Symantec Security Response, Ireland

Kimmo Kasslin

F-Secure Security Lab, Malaysia

Editor: Helen Martin

Abstract

Mebroot - the MBR rootkit - is one of the most advanced and stealthiest malware seen to date. It operates in the lowest levels of the operating system, uses many undocumented tricks and relies heavily on unexported functions and global variables. In this article Elia Florio and Kimmo Kasslin track the rise of the MBR rootkit.

The full article is available to registered users. Click here for free registration or, if you already are a registered user, login to access the full article.

April 2008

PDF

Please register to download the PDF

Comment

Political DDoS around the world

News

Malware prevalence report

February 2008

Malware analysis

Your computer is now stoned (...again!)

Spam Bulletin

Poll

How are your spam levels compared to two months ago?

Leave a comment
View 4 comments

VB100 certification

The final VB100 of the year sees a double whammy of potential pitfalls for our comparative participants - the Vista operating system, which still seems shiny and new as well as a little scary (to both developers and users), as well as the x64 architecture, whose ostensible compatibility with standard 32-bit software belies oddities and intricacies that developers ignore at their peril. The announcement of the test brought a few surprises, as several regulars opted to skip this one, but the majority of veteran competitors took part as usual, along with several newer faces, many of whom look set to join the ranks of our regulars.
See full results.

Virus Bulletin currently has 148,250 registered users.

Fighting malware and spam