Spam from the kernel

2007-11-01

Kimmo Kasslin

F-Secure, Malaysia

Elia Florio

Symantec, Ireland

Editor: Helen Martin

Abstract

Trojan.Srizbi is the first example seen in the wild of a complex piece of malware that operates fully from kernel mode. Kimmo Kasslin and Elia Florio provide a detailed analysis.

The full article is available to registered users. Click here for free registration or, if you already are a registered user, login to access the full article.

Magazine


	November 2007 PDF Please register to download the PDF Comment Search engines in research and vulnerability assessment News E-crime unit to get government funding? VB100 NetWare update Malware prevalence report September 2007 Letter Application whitelisting Analysis Spam from the kernel Features Anonymous proxies: the threat to corporate security enforcement Malware storms: a global climate change Book review Birds of a feather... Product review ESET Smart Security Calendar Anti-malware industry events Spam Bulletin Supermarket sweep Melissa has users CAPTCHA'd The sound of spam Evading SpamAssassin with obfuscated text images See also Virus Bulletin archives How to become a subscriber Reprints

Quick Links

Poll

The Japanese government is reported to have commissioned a 'defensive virus'. Is 'defensive' malware ever a good idea?
Leave a comment
View 11 comments

Virus Bulletin


	In this month's magazine: Living the meme If Svar is the answer... Static analysis of mobile malware And the devil is six: the security consequences of the switch to IPv6 Behind enemy lines: reporting from the CCC 28C3 Congress Subscribe now!

Virus Bulletin currently has 224,243 registered users.

Fighting malware and spam

Spam from the kernel

Kimmo Kasslin

Elia Florio

PDF

Comment

News

Malware prevalence report

Letter

Analysis

Features

Book review

Product review

Calendar

Spam Bulletin

See also