Yes, there exists a bootkit, for Windows, called "Stoned Bootkit" XD
It is an open-source homage to the "Stoned boot sector virus" from the DOS-days of the 90s. After succesfully infecting the MBR of a DOS-system, the MBR would contain code that had the ability to announce (with a 1 in 8 probability) the words:
"Your PC is now Stoned."
To elaborate a little.., a bootkit is similar to a rootkit, only it doesn't infect sub-systems of an OS. Instead, it resides in the MBR (Master Boot Record) of a Windows system-disk. This enables it to bypass drive-encryption, because Microsofts drive-encryption does not cover the MBR of a drive. Also, since it is an MBR-virus, it can be bootstrapped to the Windows-kernel (core of the operating system), making it even harder to locate, and/or remove completely.
In other words, it is an awesome piece of code, able to 'pwn' your machine completely.
It is interesting for a number of users, specifically:
- Black hats
- Law enforcement agencies
- Microsoft Corporation
And what's even better, it's the first bootkit that:
- attacks Windows XP, Windows Vista, Windows 7 and Windows Server 2003/2008 with one single Master Boot Record.
- attacks TrueCrypt full volume encryption.
- has integrated FAT and NTFS drivers.
- has an integrated structure for plugins and boot applications (for future development).
A perfect example of "doing it, because we can" mentality.
LOL! & LuLz!
Link:
Posts
0 kommentarer :
Post a Comment