'Blue Pill' Prototype Creates 100% Undetectable Malware

[Brutuskend]

'Blue Pill' Prototype Creates 100% Undetectable Malware
By Ryan Naraine
June 28, 2006

A security researcher with expertise in rootkits has built a working prototype of new technology that is capable of creating malware that remains "100 percent undetectable," even on Windows Vista x64 systems.

Joanna Rutkowska, a stealth malware researcher at Singapore-based IT security firm COSEINC, says the new Blue Pill concept uses AMD's SVM/Pacifica virtualization technology to create an ultra-thin hypervisor that takes complete control of the underlying operating system.

LINK to full story

 

[imported_LoKe]

How long before Sony places its bid?

 

[BigJ]

Fvck this. I'm switching to Mac.








Just kidding!

 

[Pepsi90919]

an ultra-thin hypervisor

😕

 

[theNEOone]

there's alot of techno-jargon in the article, but is it safe to assume that i have to be running 1) an AMD processor and 2) a 64 bit OS to be affected by Blue Pill?


=|

 

[BW86]

Originally posted by: LoKe
How long before Sony places its bid?

😉

 

[tweakmm]

Another reason why my main comp runs OSX.

Sure, I've got a more powerful PC system beside it for day-trading, but you better bet that sucker is on lock down.

 

[archcommus]

Like MS won't patch it. Nothing is 100%.

 

[Tiamat]

sounds like something MS would use for their next revision of WGA :roll:

 

[imported_LoKe]

Originally posted by: archcommus
Like MS won't patch it in three years. Nothing is 100%.

Fixed.

 

[archcommus]

But, my question, I thought malware was...you know...frowned upon. And brinking on being illegal sometime in the future? So why the fvck is this being PUBLICLY developed and the article doesn't bash these people at all?

 

[Brutuskend]

Originally posted by: archcommus
But, my question, I thought malware was...you know...frowned upon. And brinking on being illegal sometime in the future? So why the fvck is this being PUBLICLY developed and the article doesn't bash these people at all?

Good question.

Perhaps so someone else will try and do a work around so it IS detectable?

(At least we can hope!)

 

[imported_LoKe]

Originally posted by: archcommus
But, my question, I thought malware was...you know...frowned upon. And brinking on being illegal sometime in the future? So why the fvck is this being PUBLICLY developed and the article doesn't bash these people at all?

Purpose of testing. You have to develop something before it can be blocked.

 

[archcommus]

Originally posted by: LoKe

Originally posted by: archcommus
But, my question, I thought malware was...you know...frowned upon. And brinking on being illegal sometime in the future? So why the fvck is this being PUBLICLY developed and the article doesn't bash these people at all?

Purpose of testing. You have to develop something before it can be blocked.

Seems to me like it just gives the real hackers good ideas. 😕

 

[tweakmm]

Originally posted by: archcommus

Originally posted by: LoKe

Originally posted by: archcommus
But, my question, I thought malware was...you know...frowned upon. And brinking on being illegal sometime in the future? So why the fvck is this being PUBLICLY developed and the article doesn't bash these people at all?

Purpose of testing. You have to develop something before it can be blocked.

Seems to me like it just gives the real hackers good ideas. 😕

These are the black hats don't publish their hacks, they exploit them for noteriety and profit.

The white hats expose the issuse to force a change.

 

[imported_LoKe]

Originally posted by: tweakmm
These are the black hats don't publish their hacks, they exploit them for noteriety and profit.

The white hats expose the issuse to force a change.

I've always wanted to be a White Hat since I saw a program about it on tv. 😱

 

[tweakmm]

Originally posted by: LoKe

Originally posted by: tweakmm
These are the black hats don't publish their hacks, they exploit them for noteriety and profit.

The white hats expose the issuse to force a change.

I've always wanted to be a White Hat since I saw a program about it on tv. 😱

Hehe,

For every published exploit there have been at least a few dozen programers in the east bloc who've been exploiting it to blackmail companies for months.

 

[Eos]

Is Windows XP Pro a 64 bit OS?

I'm not sure why I don't know this info... 😱

 

[ruffilb]

I read this on /.

I think the malware only affects the virtualized OS, so it's only semi-important.

 

[BigJ]

Originally posted by: eos
Is Windows XP Pro a 64 bit OS?

I'm not sure why I don't know this info... 😱

There's a 32-bit and a 64-bit version.

 

[imported_LoKe]

Originally posted by: eos
Is Windows XP Pro a 64 bit OS?

I'm not sure why I don't know this info... 😱

It depends on what you're running it on. If you've got a 64bit processor, I'd like to think you're using the 64bit version.

 

[Fritzo]

Originally posted by: tweakmm
Another reason why my main comp runs OSX.

Sure, I've got a more powerful PC system beside it for day-trading, but you better bet that sucker is on lock down.

Why, are you concerned Dateline is going to find your child porn?

 

[tweakmm]

Originally posted by: Fritzo

Originally posted by: tweakmm
Another reason why my main comp runs OSX.

Sure, I've got a more powerful PC system beside it for day-trading, but you better bet that sucker is on lock down.

Why, are you concerned Dateline is going to find your child porn?

Wait... what are you talking about?

Was that some sort of joke about me day-trading pornography?
If so, it really sucked and you should stick to your day job of whatever it is.

 

[Howard]

Originally posted by: LoKe

Originally posted by: eos
Is Windows XP Pro a 64 bit OS?

I'm not sure why I don't know this info... 😱

It depends on what you're running it on. If you've got a 64bit processor, I'd like to think you're using the 64bit version.

No, you can run the 32-bit version on a "64-bit" processor.