1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

New generation of rootkits now in the wild.

Discussion in 'Computer Security' started by ffreeloader, Jul 18, 2006.

  1. ffreeloader

    ffreeloader Terabyte Poster

    Some sites are calling this the "invisible" rootkit as it uses Alternate Data Streams (ADS) as one its techiniques of keeping itself hidden. ADS is a way of hiding files from the Windows interface. A file hidden in ADS will not show up in disk usage stats, Windows explorer, or from the cmd prompt. It takes special tools to find them.

    You can read the rest of the article on cio.com's CIO Tech Informer
    Certifications: MCSE, MCDBA, CCNA, A+
    WIP: LPIC 1
  2. Bluerinse
    Honorary Member

    Bluerinse Exabyte Poster

    Interesting Freddy!

    For those that might want to read a bit more about NTFS ADS and how easy they are to create and manipulate, there is a good article here...

    Certifications: C&G Electronics - MCSA (W2K) MCSE (W2K)

Share This Page