Nov 21, 2009

New Rootkit Uses Old Trick To Hide - Info on Trojan.Mebroot


Saint_Michael
Well, it seems Trojans and root kits are making a deadly combination, especially with a technique that's pretty darn old.

QUOTE
The malware, called Trojan.Mebroot by Symantec, installs itself on the first part of the computer's hard drive to be read on startup, then makes changes to the Windows kernel, making it hard for security software to detect it.


Well, at least I understand how or where root kits become effective a bit more, but really, you'd think if everyone is aware of it they would have found a way to patch that hole. I guess not, since 5000 computers got tagged with this in 1 month since then. Of course, to make it even worse, this little Trojan goes after the Master Boot Record (MBR), which is a very bad thing if you get this installed, since now your computer is in complete control of your computer.

Again though, I don't know if the Trojan makers are smart or dumb or the people who fall for the traps are dumb, but basically in order to get this installed you need to be suckered into a corrupted website, and then the largest attack starts until your computer gets breached. Meaning that they must be unloading some of the biggest Trojans and viruses that you may not be protected from and get in that way.

As for protection, it depends on what anti-virus software you have, but it seems most vendors have something for this, so I'd check at your vendor's website and see what they have for it.

SOURCE

csp4.0
Well, I didn't know that viruses still went after the master boot record. I always scan any file I download from an untrusted source using virusscan.jotti.org, but the biggest security threat comes from my parents. I can't believe that my mum clicked "No" when that WinFixer ad popped up; luckily I unplugged the ethernet cable before the download was completed. Anyhoo, I just hope it doesn't do more damage like downloading more and more viruses from servers around the world. If it does infect the master boot record, the only way is to re-format your computer or use some dodgy program that "restores your master boot record".

I just hope that people won't turn to the old tricks used in the old days when we had those 10-megabyte hard drives, such as the classic (and sometimes funny) "I LUV U" virus and that "You Have Mail - Click here to go to your inbox" one... because some anti-virus programs don't even care about those viruses anymore...


t3jem
QUOTE(csp4.0 @ Jan 14 2008, 03:22 AM) *
... the biggest security threat comes from my parents. I can't believe that my mum clicked "No" when that WinFixer ad popped up, luckily I unplugged the ethernet cable before the download was completed.


I know just how you feel. I have a friend who broke two laptops in one year from viruses and he won't even let me fix them, but he still has no idea why they broke. I check all untrusted files thoroughly with Avast, but he'll open anything that even suggests it can be opened. Anyways, hopefully this gets fixed quickly, because I've heard root kits are impossible to get rid of.
