Stealth rootkit - next generation worm Like a tricked-out Batmobile, Rustock.A also makes use of some classic stealth techniques to avoid detection: it can recognize when virus detection software is running and then alter its behavior to avoid that software; it hides its driver in an alternate data stream (ADS), then removes itself from the list of hidden drivers; it doesn't hook into any native APIs; and finally, it is polymorphic, so that its code is constantly changing. |
All times are GMT +1. The time now is 12:49. |
Powered by vBulletin® - Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO