When rootkits are mentioned the things which come to mind are generally hackers, Trojans, even Sony BMG. Now you can add open source software to the list with the release of the first open source rootkit framework called Stoned.
A rootkit is a piece of software which, for nefarious purposes, aims to run undetected on your computer. It will hide itself from process listings and will seek to interfere with the ordinary running of your system to fulfil its own purposes.
A bootkit is a particular type of rootkit which kicks in when the computer boots and before any operating system has loaded. This can make it even more dangerous because it has full access to the system and cannot be removed by merely inspecting the operating system’s list of start-up services.
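Because a bootkit lives below the operating system, one defensive check is to baseline the boot sector itself rather than the start-up list. The following is an added example, not code from the article or from the Stoned project; it assumes the bootkit resides in the master boot record (as the original Stoned boot sector virus did), parses a raw 512-byte MBR, hashes the bootstrap code and compares it with a recorded baseline. The sample sectors are constructed inside the code, not taken from a real disk.

```python
import hashlib
import struct

MBR_SIZE, BOOT_CODE_LEN, PT_OFFSET = 512, 440, 446


def parse_mbr(sector: bytes) -> dict:
    """Split a raw MBR into a hash of its bootstrap code and its partition entries."""
    if len(sector) != MBR_SIZE or sector[510:] != b"\x55\xaa":
        raise ValueError("not a valid MBR (bad length or missing 0x55AA signature)")
    partitions = []
    for i in range(4):
        entry = sector[PT_OFFSET + 16 * i: PT_OFFSET + 16 * (i + 1)]
        # status(1) CHS start(3) type(1) CHS end(3) LBA start(4) sector count(4)
        status, ptype, lba_start, sectors = struct.unpack("<B3xB3xII", entry)
        if ptype:  # a type of 0 marks an unused slot
            partitions.append({"bootable": status == 0x80, "type": ptype,
                               "lba_start": lba_start, "sectors": sectors})
    return {"boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
            "partitions": partitions}


def check_mbr(sector: bytes, baseline_sha256: str) -> list[str]:
    """Return findings that warrant a closer look at the boot sector."""
    info = parse_mbr(sector)
    findings = []
    if info["boot_code_sha256"] != baseline_sha256:
        findings.append("bootstrap code differs from the recorded baseline")
    if sum(p["bootable"] for p in info["partitions"]) != 1:
        findings.append("expected exactly one active partition")
    return findings


def make_mbr(boot_code: bytes, partitions) -> bytes:
    """Build a constructed sample MBR (hypothetical data, not a real disk image)."""
    sector = bytearray(boot_code.ljust(BOOT_CODE_LEN, b"\x00") + b"\x00" * 6)
    for status, ptype, lba, count in partitions:
        sector += struct.pack("<B3xB3xII", status, ptype, lba, count)
    sector += b"\x00" * 16 * (4 - len(partitions)) + b"\x55\xaa"
    return bytes(sector)


# Constructed stand-in for a loader; one active NTFS partition starting at LBA 2048.
CLEAN_BOOT = b"\xfa\x33\xc0\x8e\xd0\xbc\x00\x7c" + b"\x90" * 20
PARTS = [(0x80, 0x07, 2048, 204800)]
CLEAN_MBR = make_mbr(CLEAN_BOOT, PARTS)
BASELINE = parse_mbr(CLEAN_MBR)["boot_code_sha256"]
# A boot sector whose bootstrap code was replaced keeps the partition table intact,
# so the hash of the first 440 bytes is the field a baseline check must cover.
TAMPERED_MBR = make_mbr(b"\xeb\x3c" + b"\x90" * 30, PARTS)
```

The baseline hash would be recorded on a known-clean machine and the check run from trusted boot media, since a bootkit that is already resident can lie to tools run on top of the infected system.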
Austrian hacker Peter Kleissner has released the world’s first ever open source bootkit framework called Stoned Bootkit, named in dubious honour of an early boot sector computer virus called “Stoned.”
Stoned Bootkit aims to attack all versions of Microsoft Windows from XP through to the brand new Windows 7, including Server releases. Stoned loads before Windows starts and remains in memory, and comes with its own file system drivers, a plug-in engine and a collection of Windows “pwning” tools.
Stoned Bootkit also claims to be the first bootkit that breaks TrueCrypt encryption as well as working with traditional FAT and NTFS disk volumes.
This means with Stoned you can install any software you choose – a Trojan horse, say – onto any computer running Windows. You do not need to know any passwords and it does not matter if the file system is encrypted.
In a slide entitled “Who am I?” Kleissner describes himself as an independent operating system developer, a professional software engineer and malware analyst.
The source code for the Stoned Bootkit, as well as general research and technical detail, is available on its own web site. Here you can inspect how it works as well as read instructions on making your own Stoned infector Live CD – making it tragically simple to infect computers provided you can get physical access.
Kleissner suggests this is a useful application for law enforcement officials but I suspect there may be somewhat less scrupulous individuals who will find other uses for it.
As with open source luminaries such as Wireshark, a plug-in architecture lets developers worldwide extend the range of functions Stoned can perform. The similarities end there, with Wireshark being an intrusion detection system, not an intrusion enabler.
Michelle Thomas