PandaLabs detects trojans that use new form of Rootkit attack; rootkits designed to hide by replacing master boot record with one of their own

Dark Reading Staff, Dark Reading

January 10, 2008

1 Min Read

GLENDALE, Calif. -- PandaLabs, Panda Security’s malware analysis and detection laboratory, has detected the appearance of Trojans that include rootkits (MBRtool.A, MBRtool.B, MBRtool.C, etc.) designed to replace the master boot record (MBR), the first or zero sector of the hard disk, for one of their own. A rootkit is a program designed to take fundamental control of a computer system, without authorization by the system's owners and legitimate managers.This new form of attack is a revolutionary use of rootkits, making it even more difficult to detect the associated malicious code.

“This system of attack makes it practically impossible to detect the rootkits and the malicious code they hide once they are installed on a computer,” said Luis Corrons, technical director of PandaLabs. “The only feasible defense is to detect these rootkits before they enter the computer. In anticipation of other similar malicious code that may appear, it is essential to use proactive technologies that can detect threats without having previously identified them.”

Panda Security

Read more about:

2008

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights