100% Undetectable Malware?

June 29, 2006

A security researcher with expertise in rootkits has built a working prototype of new technology that is capable of creating malware that remains “100 percent undetectable,” even on Windows Vista x64 systems. …The technique effectively bypasses a crucial anti-rootkit policy change coming in Windows Vista that requires kernel-mode software to have a digital signature to load on x64-based systems.

The idea of a virtual machine rootkit isn’t entirely new. Researchers at Microsoft Research and the University of Michigan have created a VM-based rootkit called “SubVirt” that is nearly impossible to detect because its state cannot be accessed by security software running in the target system. …
“The idea behind Blue Pill is simple: your operating system swallows the Blue Pill and it awakes inside the Matrix controlled by the ultra thin Blue Pill hypervisor. This all happens on-the-fly (i.e. without restarting the system) and there is no performance penalty and all the devices,” she explained. – eweek

Coming soon: 100% undetectable monitoring of everything everyone does on a computer.
