Network Security News

Rootkit may spark sophisticated network security

Monday, March 30, 2009

Security researchers have created a rootkit that could prove more malicious than its predecessors thanks to its ability to survive a machine reboot and avoid detection by antivirus software.

After the rootkit is injected into commercial BIOS firmware using a Python-based tool, cybercriminals could be given complete control of the compromised machine, DarkReading.com reports. This makes the rootkit "more dangerous" because its technology allows it to use the BIOS-located network to attack other machines "as well as using normal exploits without any access to the disk or memory in the operation system."

The researchers expanded on previous rootkits with a generic implementation that can work with different operating systems, according to the article. Through this updated element, they were able to attack OpenBSD and Windows machines with the BIOS code injection.

Existing network security safeguards may have difficulty clearing this particular rootkit from machines, researchers said. It runs without a hard disk and may also allow the cybercriminal to deactivate antivirus software in the process.

The researchers suggested that organizations and SMBs interested in combating this rootkit prevent the flashing of the BIOS by enabling write-protection on the motherboard.

Related News:

Cyber criminals exposed medical records - 3.8.2010
More than 18,000 patients, whose medical information is stored on the computer systems of five doctors in Torrance, California, were potential victims of identity theft in September when cyber criminals penetrated the doctors' networks, according to the Los Angeles Times.

McAfee advises companies to boost web security relating to source code - 3.4.2010
At the RSA Conference, currently taking place in San Francisco, McAfee released a report indicating that companies regularly use too few web security protocols when protecting intellectual property such as source code.

False social networking attacks provides teachable moment for web security - 2.25.2010
A unique tool developed to prevent the spread of malware from social networking websites has been recommended by Processor.com, a web and network security news provider.

With global web security under siege, exports point to problems - 2.25.2010
In 2009, Garlik, a United Kingdom-based web security company, reported a 207 percent increase in malware use to overtake bank accounts. Recent events have also shown vulnerability in corporate, private and governmental web security systems.

Kaspersky reports malware growing more sophisticated - 2.24.2010
Kaspersky, a web security provider, reported Wednesday that while there is very little growth in the amount of malware currently roaming the web, it is becoming more advanced and much harder to detect.
