April 7, 2006

Beyond Rootkits: First Standalone Kernelmode Bot?

zanek writes "A new kernelmode rootkit has the ability to communicate via Internet Relay Chat without relying on outside applications. This represents a dangerous escalation in Windows rootkit ability, as previous kernelmode device drivers required help from usermode programs. While the IRCbot released is non-destructive, it can be easily enhanced. The developer has made the download available as a Visual Studio 2003 project."

Link: emailbattles.com

Category:

  • Security
Click Here!