Fresh Chinese Rootkit Using MBR Detected

Latest news
North America has a 13% Infection Rate for Home PCs Tatanga Trojan Utilized within Fake Insurance Scheme Attack 25 Percent of PCs within UK have Malware, Reports PandaLabs Geolocatiedienst Utility of Porn Sites Utilized to Identify Infected PCs’ Location ICS-CERT Cautions about Gas Pipeline Companies of USA being Targeted with Spear-Phishing

Support our Sponsors

uClip Clipping Path Service

Main Menu

Resources

Login
Username Password Remember Me Forgot your password? Forgot your username? Create an account

Syndicate

Popular
HSBC Clients Targeted with Phishing Scam BBB Cautions about Phishing E-mails Supposedly from American Express USPS Cautions Consumers about Malware Laced Scam E-mails St. George Bank Clients Alerted about Fraudulent E-mails Commtouch Cautions about Siberian Dogs Fraudulent E-mail

Trampolines usa

Fresh Chinese Rootkit Using MBR Detected

Written by Administrator

Thursday, 14 April 2011 07:00

Kaspersky Lab the IT security company has uncovered one new rootkit, malware that contaminates the boot sector of a computer's hard-drive, and dubbed it Rootkit.Win32.Fisp.a.

Says Vyacheslav Zakorzhevsky a researcher at Kaspersky Lab, the said rootkit gets disseminated via Trojan-Downloader.NSIS.Agent.jd, which contaminates end-users' PCs when they attempt at taking down a movie file obtainable from one Chinese pornographic website that's actually phony. Securelist.com published this in news on April 5, 2011.

Apparently, if run successfully, Rootkit.Win32.Fisp.a copies the earlier MBR (master boot record) as also plants a self-generated code (having one encrypted driver) that substitutes the sectors. Thereafter, during the infected PC's startup, the malevolent code runs as also retrieves the real MBR to enable Windows to load as usual.

...

Read the rest of: Fresh Chinese Rootkit Using MBR Detected

Read full article...