Stealth rootkit infects thousands of websites
Created: 20 Apr 2009 | 2 comments
Thousands of websites have been rigged to deliver a powerful piece of malicious software that many security products may be unprepared to handle.
An earlier version of the malware, which Symantec named Mebroot, first appeared around December 2007 and used a well-known technique to stay hidden. It infects a computer's Master Boot Record (MBR), the first code a computer looks for when booting the operating system after the BIOS runs.
Comments
Thanks for the information
Hi, thanks for the valuable information.
Stealth rootkit
From the "Stealth rootkit infects thousands of websites" article:
Erasmus said it appears that thousands of websites have been hacked to deliver Mebroot to vulnerable computers that don't have the proper patches for their web browsers.
The infection mechanism is known as a drive-by download. It occurs when a person visits a legitimate website that's been hacked. Once on the site, an invisible iframe is loaded with an exploit framework that begins testing to see if the browser has a vulnerability. If so, Mebroot is delivered, and a user notices nothing.
Hope Symantec will deliver virus defs update quickly. It seems really dangerous....