Security-X

Forum Security-X => News => Discussion démarrée par: igor51 le juillet 22, 2012, 22:00:42

Titre: [Eset]Rovnix bootkit framework updated
Posté par: igor51 le juillet 22, 2012, 22:00:42

Rovnix bootkit framework updated

We have been tracking the activity of the Rovnix bootkit family since April 2011. Rovnix was the first bookit family to use VBR (Volume Boot Record) infection (NTFS bootstrap code) for loading unsigned kernel-mode drivers on x64 (64 bit) platforms. The reason for exploring further is the desire of the Rovnix developers to bypass antivirus ... Read More...
Source: Rovnix bootkit framework updated (http://feedproxy.google.com/~r/eset/blog/~3/pOEoV4OeLQs/rovnix-bootkit-framework-updated)