Vbootkit 2.0

Windows 7 is coming but would you want to use it even if there are two person who are claiming that they have found a "hole" in Windows 7 that is "unfixable". Researchers Vipin Kumar and Nitin Kumar claim that they have the latest hack for Windows 7 using a 3kb software called Vbootkit 2.0.
“There’s no fix for this. It cannot be fixed. It’s a design problem,” Vipin Kumar said, explaining the software exploits the Windows 7 assumption that the boot process is safe from attack.

This is how the hack works, the program VBootKit 2.0 during the boot time, loads itself into the system memory and bypasses the hard drive altogether, making it extremely difficult to detect. Because nothing is changed on the hard disk itself, VBootkit 2.0 is hard to detect.

Once the software is loaded onto the memory, any ill-intentioned attacker can access all data, change passwords, install softwares to remotely control the PC. However, when the victim’s computer is rebooted, VBootkit 2.0 will lose its hold over the computer as data contained in system memory will be lost.
Scary? Not really because the attacker must have physical access to your PC before he (or she) can do the attack. But if Vbootkit 2.0 is already in your PC, the attacker can control it remotely.

More about this story at CIO.com

Labels: ,