|10 Mar 2010||#1|
| || |
Has the MBR rootkit disappeared? Not really.
During these days we have talked a lot about the TDL3 rootkit infection, a nice example of how malware writers can make security vendors's work harder. We will continue writing about TDL3 to update our readers about the status of both the rootkit and defensive techniques.
However today we want to take a step back and talk about an old friend called the MBR rootkit, or Mebroot, or yet Torpig. The fact that we haven't talked about it for a while doesn't mean it has been defeated. Instead, the MBR rootkit is still actively spreading throughout the web, mostly through compromised websites.
During the last two days we have cleaned hundreds of infected machines, a quite impressive number that shows how the threat is still hitting hard.
Has the MBR rootkit disappeared? Not really
|My System Specs|
|Similar help and support threads for2: Has the MBR rootkit disappeared? Not really.|
|ZA Reg Rootkit???||System Security|
|Require (Rootkit.TDSS.TDL4) Rootkit Removal & Cleanup walkthrough||System Security|
|Rootkit Banker - now also to 64-bit||Security News|
|BSOD DUE TOO rootkit||System Security|
|Potential Rootkit||System Security|
|Need help with Rootkit problem?||Performance & Maintenance|