Security experts are warning about a stealthy Windows rootkit that steals login details for online bank accounts. In the last month, the malicious program has racked up about 5,000 victims – most of whom are in Europe. Many are falling victim via booby-trapped websites that use vulnerabilities in Microsoft’s browser to install the attack code. Experts say the virus is dangerous because it can avoid detection by burying itself deep inside part of a computer’s hard drive called the Master Boot Record (MBR). This is where a computer looks when it is switched on for information about the operating system it will be running.
“If you can control the MBR, you can control the operating system and therefore the computer it resides on,” wrote Elia Florio on security company Symantec’s blog. Mr Florio pointed out that many viruses dating from the days before Windows used the Master Boot Record to get a grip on a computer. Once installed the virus, dubbed Mebroot by Symantec, usually downloads other malicious programs, such as keyloggers, to do the work of stealing confidential information.
View: Full story @ BBC News
Just another reason not to use Internet Explorer! For all of my clients and friends that I have and keep continually recommending Firefox to, this is a prime example of why I always point people in the right direction!
Internet Explorer » Warning on stealthy Windows rootkit says:
[...] Dan Cunningham wrote an interesting post today on Warning on stealthy Windows rootkitHere’s a quick excerptJust another reason not to use Internet Explorer!… [...]
Jan 12, 2008, 9:46 pmInternet blog » Warning on stealthy Windows rootkit says:
[...] post by Dan Cunningham and software by Elliott Back This entry is filed under Internet blog. You can follow any [...]
Jan 13, 2008, 2:38 amWILLIAMS says:
Love your blog. Will be coming back quite a bit.
Apr 23, 2010, 2:45 am