The Inquirer-Home

Boffinette creates 100 percent undetectable Malware

The female of the species…
Fri Jun 30 2006, 08:44
A SECURITY boffinette says she has created malware that remains "100 percent undetectable".

Joanna Rutkowska, who researches stealth malware for IT outfit COSEINC, says her new Blue Pill concept uses AMD's SVM/Pacifica virtualisation technology to create an ultra-thin hypervisor that takes control of the operating system.

She will be showing off her idea at the SyScan Conference in Singapore on July 21 and at the Black Hat Briefings in Las Vegas on August 3. This will include a working prototype that runs on Windows Vista x64, which Rutkowska said will show a "generic method" of inserting arbitrary code into the Vista Beta 2 kernel (x64 edition) without relying on any implementation bug.

It even bypasses a crucial anti-rootkit policy change coming in Windows Vista that requires kernel-mode software to have a digital signature to load.

She said that the only way her rootkit can be detected is if AMD's Pacifica technology is flawed.

More on her Bog here.

