Windows 7: Researcher offers tool to hide malware in .Net

.Net-sploit can hide rootkits in a framework untouched by security software, where they can affect many applications

A computer security researcher has released an upgraded tool that can simplify the placement of difficult-to-detect malicious software in Microsoft's .Net framework on Windows computers.
Microsoft discloses ambitious security strategy

The tool, called .Net-Sploit 1.0, allows for modification of .Net, a piece of software installed on most Windows machines that allows the computers to execute certain types of applications.
Microsoft makes a suite of developer tools for programmers to write applications compatible with the framework. It offers developers the advantage of writing programs in several different high-level languages that will all run on a PC.




.Net-Sploit allows a hacker to modify the .Net framework on targeted machines, inserting rootkit-style malicious software in a place untouched by security software and where few security people would think to look, said Erez Metula, the software security engineer for 2BSecure who wrote the tool.