Results 1 to 7 of 7

Thread: Article: How to block stealthy malware attacks

  1. #1
    roraniel's Avatar
    roraniel is offline Gold Member
    Join Date
    Oct 2008
    Location
    Pinehurst, NC
    Posts
    860

    Default Article: How to block stealthy malware attacks

    Short on details but sounds interesting!!!

    Article:

    Washington, Nov 4 : Researchers from North Carolina State University have devised a novel way to block rootkits, one of the most insidious types of malware, preventing them from taking over computer systems.

    "Hackers can use rootkits to install and hide spyware or other programs. When you start your machine, everything seems normal but, unfortunately, you've been compromised," said Dr. Xuxian Jiang, assistant professor of computer science at NC State and a co-author of the research.

    "Our research leads to a new way that can protect all the hooks in an efficient way, by moving them to a centralized place and thus making them easier to manage and harder to subvert," said Jiang.



    Jiang revealed that by placing all of the hooks in one place, researchers were able to simply leverage hardware-based memory protection, which is now commonplace, to prevent hooks from being hijacked.

    Whole Article: How to block stealthy malware attacks

  2. #2
    MrMBerman's Avatar
    MrMBerman is offline Senior Member
    Join Date
    Mar 2009
    Location
    Tel Aviv / London / Bukidnon
    Posts
    340

    Default

    Thanks for sharing, very interesting article.

  3. #3
    ceyfer is offline Beginner
    Join Date
    Sep 2009
    Location
    Pearl of the Orient
    Posts
    17

    Default

    Nice idea though...

  4. #4
    Jal
    Jal is offline Windows Enthusiast
    Join Date
    Jul 2009
    Posts
    109

    Default

    Nice article.. As they say, no matter how far the "bad" goes, the "good" always stays one step ahead of it.

  5. #5
    Corrine's Avatar
    Corrine is offline Gold Member
    Join Date
    Jan 2009
    Location
    Upstate NY
    Posts
    961

    Default

    From the article:
    They were able to put hardware in place to ensure that a rootkit cannot modify any hooks without approval from the user.
    The key is "without approval from the user". If the user account is set up as "limited user" there is a chance the user will deny approval. How many people really pay attention to what they click? That is why the pre-checked toolbars are such a boon to vendors.

    @Jal, it is getting more and more difficult to stay ahead of the bad. Developers of malware removal tools have to continuously update and change routines. Even then, there are times when the computer is so badly compromised that it just makes more sense to do a clean install.

  6. #6
    seti is offline Member
    Join Date
    Nov 2008
    Posts
    1,923

    Default

    As usual Corrine says everything clearly. Thank you

  7. #7
    luffy is offline Windows Enthusiast
    Join Date
    Nov 2009
    Posts
    59

    Default

    Thanks for sharing.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22