Shadow Walker Root Kit Eats Anti-Virus for Breakfast

Source Title:
'Shadow Walker' Pushes Envelope for Stealth Rootkits
Story Text:

A revolutionary stealth root kit dubbed "Shadow Walker," demonstrated at the Black Hat security conference in Vegas this week, can waltz right into your PC under the noses of even the most sophisticated anti-virus software.

The proof-of-concept, dubbed Shadow Walker, is a modification of Butler's FU rootkit, a kernel-level program capable of hiding processes and elevating process privileges. The rootkit uses DKOM (Direct Kernel Object Manipulation) to fake out the Windows Event Viewer to make forensics virtually impossible and can also hide device drivers.

anti-virus scanners must "completely revamp" existing rootkit detection technologies

Comments

Hmm.

Seems to me that anti-virus is different than anti-breakin, but what do I know?

A Virus

has to "break in" before it can do its thing.

This is some scary shit.

No defenses against this at all right now. Goes past the best firewall and anti-virus like it is not even there...
