Author Topic: Subvirt new kind of rootkit  (Read 2802 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 32824
  • malware fighter
Subvirt new kind of rootkit
« on: March 16, 2006, 10:43:26 AM »
Hi forum members,

A rootkit in the form of a virtual machine for Linux and Windows, researchers developed such malware, look here:
http://www.eweek.com/article2/0,1895,1936666,00.asp

How are we going to defend ourselves? Is this to proof that the Fritz chip or Palladium is inescapable from 64-bit systems onward? By the way some rfid chips now seem to be vulnerable to viruses as well.


polonus

Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline RejZoR

  • Polymorphic Sheep
  • Serious Graphoman
  • *****
  • Posts: 9353
  • We are supersheep, resistance is futile!
    • RejZoR's Flock of Sheep
Re: Subvirt new kind of rootkit
« Reply #1 on: March 16, 2006, 12:42:15 PM »
I don't want some go damn chip limiting ME on my OWN machine.
The first moment i see it limiting me i'll sell the PC and buy console.
I'm sick of these asholes with their brilliant ideas that only keep their pockets full of $$$.
No thanks. As for security i'm like an impenetrable fortress. Why the heck i'd want that crap in my rig then? Worms here, spyware there, rootkits over there but i never had any of these to date. 7 years of massive PC usage is enough long to be sure about this.
Visit my webpage Angry Sheep Blog

Offline szc

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6957
Re: Subvirt new kind of rootkit
« Reply #2 on: March 16, 2006, 01:31:25 PM »
I don't want some go damn chip limiting ME on my OWN machine.
The first moment i see it limiting me i'll sell the PC and buy console.
I'm sick of these asholes with their brilliant ideas that only keep their pockets full of $$$.
No thanks. As for security i'm like an impenetrable fortress. Why the heck i'd want that crap in my rig then? Worms here, spyware there, rootkits over there but i never had any of these to date. 7 years of massive PC usage is enough long to be sure about this.

Exactly same thoughts and situation in here. I am 100% with you on this one Boris. If you know how you can even run your own system without a resident antivirus protection running and you'll still be ok. Of course it is not recommended especially if you are new in all this, but still... I know some old forum members in here running their systems completely without AV resident module running and they never ever had any problems with anything. They run online and local av scanns on regular basis, have some other small utilities installed to cover all bases, and that's it... sounds impossible ? Well, it's not...
MB: GIGABYTE GA-Z77X-UD3H Intel 7 Series  - LGA1155, CPU: Intel Core i5-3570K - Quad Core, 3.40GHz (3.80GHz Max Turbo), CPU COOLER: Cooler Master Hyper 212 EVO Direct Heat Pipe R2, RAM: 16 GB Kingston HyperX Blu DDR3, VIDEO CARD: Galaxy GeForce GTX 560 Ti - 1GB, GDDR5, POWER SUPPLY: Corsair Enthusiast Series TX750 V2 - 750 Watts, HD: Seagate Barracuda - 2TB, 7200RPM, 64MB, SATA 6Gb/s

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 32824
  • malware fighter
Re: Subvirt new kind of rootkit
« Reply #3 on: March 16, 2006, 08:33:29 PM »
Right my two good friends. And if you have some good System Monitoring you could stay free of rootkits even, and that for a long time to come.. That is not the point, it is a powerplay at a grand scale. Some want to do it for you, and these 200 big corps know what is good for you on 'your' comp & what should not be there. This could be a policy for chicken that do not know what they are doing, because they use their computers without a head. Bad enough for us they are uneducated, some don't even bother, and form the majority.

The day that everybody turns their old comp into a Linux firewall machine as a m0n0wall with iptables, etables, etc.  so that absolutely nothing can worm-tunnel itself over this firewall box or through, is still far away or may never come. The future as spelled out for us looks " default is beautiful" & "pay per click" and then things look a bit different, and it will be a heavily moderated future. It is going to be "baked" into your motherboards!

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!