funsec mailing list archives
Re: MBR Rootkit
From: Larry Seltzer <larry () larryseltzer com>
Date: Sun, 14 Aug 2011 12:49:02 -0400
IIRC, the severity of that one was (imagine this!) exaggerated in the press. It doesn't really force a reinstall. On Sat, Aug 13, 2011 at 9:37 PM, Daniel Otis <dso () moosoft com> wrote:
Sorry, I sent from the wrong address! Forgive me for not being clear. I meant the latest one in the news: http://www.itbusinessedge.com/cm/community/news/sec/blog/new-rootkit-forces-windows-reinstall/?cs=47591 Thanks! Daniel On 8/13/2011 6:58 PM, Valdis.Kletnieks () vt edu wrote:On Sat, 13 Aug 2011 13:08:59 MDT, Daniel Otis said:Does anyone have a sample of the latest MBR Rootkit? I need one to experiment on, thanks!*the* latest? Try 'git clone git://github.org/mbr' or similar? ;) (And here I thought there were multiple *families* of MBR rootkits outthere,each with multiple instances? Are you looking for a *specific* one, andarecriteria like "new variants from under 24 hours ago" meaningful for your experimentation? There's a few bazillion variants of malware out there, the more specific you can be the better....-- MooSoft Development LLC http://www.moosoft.com _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- MBR Rootkit Daniel Otis (Aug 13)
- Re: MBR Rootkit Valdis . Kletnieks (Aug 13)
- Re: MBR Rootkit Daniel Otis (Aug 13)
- Re: MBR Rootkit Larry Seltzer (Aug 14)
- Re: MBR Rootkit Daniel Otis (Aug 13)
- Re: MBR Rootkit Valdis . Kletnieks (Aug 13)