Thread: Popureb - a small rootkit with a big reputation

  1. #1
    ~BD~ Guest

    Popureb - a small rootkit with a big reputation

    From Sophos
    ***********
    by Chester Wisniewski on July 6, 2011

    There has been a lot of discussion in recent weeks about some new
    variants of the Popureb rootkit that clobber your Master Boot Record (MBR).

    Initial reports from Microsoft even suggested the only way to recover
    was to reinstall Windows, which fortunately is not true.

    SophosLabs Threat Researchers Mike Wood, Michele Freschi and Ahmed Zaki
    have published a technical paper that looks at the inner workings of
    Popureb.

    In the paper they explain the four major components of the malware,
    including the methods used by the rootkit and driver used to protect it.

    To get all the details on Popureb and how to safely clean up infected
    computers, download "Popureb - a small rootkit with a big reputation."

    And be sure to read Paul Ducklin's recent article on rootkits in general
    to remind yourself that no malware - not even a rootkit - is
    "indestructible", whatever you may have seen lately in the media on this
    tricky subject.

    This malware has been characterized as something that is panic-worthy.
    While multi-component malware, rootkits and encryption are certainly
    challenging to deal with, there is no reason to panic.

    http://nakedsecurity.sophos.com/2011...ig-reputation/

    HTH

    Dave

  2. #2
    Bullwinkle. Guest

    Re: Popureb - a small rootkit with a big reputation

    How did the interview go?

    Not too bad I suppose since you were let go.


    Now why don't you get the **** off usenet and the
    whole internet. Make the world better


    "~BD~" <~BD~@nomail.afraid.com> wrote in message
    news:iv3klk$6tn$1@dont-email.me...


  3. #3
    Mike Easter Guest

    Re: Popureb - a small rootkit with a big reputation

    ~BD~ wrote:

    > by Chester Wisniewski on July 6, 2011


    > http://nakedsecurity.sophos.com/2011...ig-reputation/


    That is an article about an article.

    The article it is about is much more interesting than the article about
    the article.

    The actual article that it is about is a .pdf accessible from this
    Sophos page^1.

    ^1 Previewable goo.gl http://goo.gl/t60rD+ - it is technically inferior
    to other MBR-based rootkits

    From the .pdf: With such gaping holes in the stealthing mechanisms
    employed, it is almost contradictory to refer to Popureb as a rootkit
    (as stealthing, or hiding the presence of the infection, is a primary
    requirement to be a rootkit).



    --
    Mike Easter
