MORE ENTRIES
- It's the applications, stupid
- Will a whitelist save personal computing?
- Thousands of Web sites under attack
- To solve the unsolvable problem
- Re-thinking the security of virtual machines
- Security Development Lifecycle trumps code complexity
- Is your Web site FIPS compliant?
- Computer security: Why have least privilege?
- Strategic security: Get a handle on authentication
- Control user installs of software
Security Adviser | Roger A. Grimes »
Worm uses ADS streams and root kit kernel tricks
RATE THIS ARTICLE:
June 22, 2006 | Comments: (0)
Worm uses ADS streams and root kit kernel tricks
This worm uses NTFS ADS streams to hide itself attached to the \system32 folder, plus uses root kit kernel mode stealth
http://msmvps.com/blogs/harrywaldron/archive/2006/06/22/102509.aspx
Few worms come along that interest me (e.g. Nimda, Slammer, etc.). This is another interesting malware program in the same vein. Nothing new, just using two interesting tricks at the same time.
Posted by Roger Grimes on June 22, 2006 06:10 AM
RATE THIS ARTICLE:
-
- COMMENTS
