The malware has a polymorphic nature by definition: those who develop malicious code it does always looking for new solutions difficult to identify and, increasingly, in order to reap economic benefits. One of the most dangerous forms of malware consists of the root kit components that can undermine the 'MBR system and render ineffective the most popular anti-virus tools.
In recent days, security experts have identified a new malware even more difficult to remove from your system. The name of this malicious code is and how Mebrom main feature is the ability to write code directly in the memory that is allocated by the BIOS. The peculiarity of Mebrom has already been exploited by other malware years ago but in the past it was destructive actions on the BIOS itself, quite different from the current scenario.
From the information currently available Mebrom can add code in the memory used to store the BIOS, then set up a procedure through which the PC is a root kit installed. It is then also changed the 'MBR with all potential consequences. The malware in this way creates an environment in which to operate while difficult to detect blocked resulting from common security suite.
Where even the root kit component is detected and removed the portion of source code to the BIOS level and executed at every boot of the PC is able to re-infect your system. According to the information in this analysis from Web root, the Mebrom currently has no payload worrying and, above all, to become a real threat requires administrative privileges on the PC. In addition, compatibility with the multitude of BIOS and hardware in circulation could be a further obstacle to this kind of malicious code.
But Mebrom poses new problems for security experts, a truly effective solution may be acting at a very low level by hardware manufacturers.
Posted by: Wasim Javed
No comments:
Post a Comment