Windows AutoRun-NOX Worm Extended Rootkit Repertoire
Researchers at F-secure, an anti-virus company, have found the most sophisticated and subtle Windows rootkit software till date. They have named it AutoRun-NOX worm.
The AutoRun-NOX worm has extended the standard Vxer trick in which software vulnerabilities are exploited to infect the system. This software includes functionality which enables the worm to exploit security bugs in Windows by hooking parts of the system that runs below antivirus packages radar.
F-secure reported that majority of malware having rootkit functionality interferes with Windows kernel and try to implement code in the kernel mode. Generally, a particular driver is assigned to perform this f...
» SPAMfighter News - 14-10-2008