Miscreants have created a strain of malware capable of removing rootkits from compromised PCs, only to install almost undetectable backdoor code of its own. The Pandex Trojan stops previously installed rootkits from working by removing their hooks into system calls.
Pandex then installs its own rootkit component, detected by Trend Micro as Pushu-AC. Rootkits are a type of malware that hide their presence on infected PCs, making them more dangerous than typical viruses. By operating below the level of traditional malware scanning tools, rootkits are able to carry out covert functions, for example keystroke-logging, without detection.

Malware removes rival rootkits | The Register