The dark side of open source software is Stoned
When rootkits are mentioned the things which come to mind are generally hackers, Trojans, even Sony BMG. Now you can add open source software to the list with the release of the first open source rootkit framework called Stoned.

A rootkit is a piece of software which, for nefarious purposes, aims to run undetected on your computer. It will hide itself from process listings and will seek to interfere with the ordinary running of your system to fulfil its own purposes.

A bootkit is a particular type of rootkit which kicks in when the computer boots and before any operating system has loaded. This can make it even more dangerous because it has full access to the system and cannot be removed by merely inspecting the operating system’s list of start-up services.

Austrian hacker Peter Kleissner has released the world’s first ever open source bootkit framework called Stoned Bootkit, named in dubious honour of an early boot sector computer virus called “Stoned.”

Stoned Bootkit aims to attack all versions of Microsoft Windows from XP through to the brand new Windows 7, including Server releases. Stoned loads before Windows starts and remains in memory, and comes with its own file system drivers, a plug-in engine and a collection of Windows “pwning” tools.

Stoned Bootkit also claims to be the first bootkit that breaks TrueCrypt encryption as well as working with traditional FAT and NTFS disk volumes.

This means with Stoned you can install any software you choose – a Trojan horse, say – onto any computer running Windows. You do not need to know any passwords and it does not matter if the file system is encrypted.

Stoned was unveiled at the Black Hat USA security conference and Kleissner’s PowerPoint presentation is available online.

In a slide entitled “Who am I?” Kleissner describes himself as an independent operating system developer, a professional software engineer and malware analyst.

The source code for the Stoned Bootkit, as well as general research and technical detail, is available on its own web site. Here you can inspect how it works as well as read instructions on making your own Stoned infector Live CD – making it tragically simple to infect computers provided you can get physical access.

For those needing more help, SecurityTube has posted a video online showing a computer being infected with Stoned and then disinfected again.

Kleissner suggests this is a useful application for law enforcement officials but I suspect there may be somewhat less scrupulous individuals who will find other uses for it.

As with such open source luminaries as Wireshark, a plug-in architecture permits developers world-wide to extend the range of functions Stoned can perform. The similarities end there, with Wireshark being an intrusion detection system, not an intrusion enabler.


David M Williams

David has been computing since 1984 where he instantly gravitated to the family Commodore 64. He completed a Bachelor of Computer Science degree from 1990 to 1992, commencing full-time employment as a systems analyst at the end of that year. David subsequently worked as a UNIX Systems Manager, Asia-Pacific technical specialist for an international software company, Business Analyst, IT Manager, and other roles. David has been the Chief Information Officer for national public companies since 2007, delivering IT knowledge and business acumen, seeking to transform the industries within which he works. David is also involved in the user group community, the Australian Computer Society technical advisory boards, and education.

 
