Developers | DataProtectionCenter.com

Rovnix bootkit framework updated

14

Jul

2012

We have been tracking the activity of the Rovnix bootkit family since April 2011. Rovnix was the first bookit family to use VBR (Volume Boot Record) infection (NTFS bootstrap code) for loading unsigned kernel-mode drivers on x64 (64 bit) platforms. The reason for exploring further is the desire of the Rovnix developers to bypass antivirus […]

Category General Written by ESET ThreatBlog 0 Comments

Trend Micro Fix Tool for Malicious Library File Found on 48 Utility Apps

29

Jun

2012

Early this month, we reported about a technique used by an Android malware detected as ANDROIDOS_BOTPANDA.A, which involved modifications to the affected device that make the malware hard to remove. To help affected users, we’ve released a special tool that reverts modifications done by ANDROIDOS_BOTPANDA.A, and ultimately removes the said malware from the system. The […]

Category General Written by TrendLabs 0 Comments

Library File in Certain Android Apps Connects to C&C Servers

11

Jun

2012

We have uncovered certain Android apps (detected as ANDROIDOS_BOTPANDA.A) containing a malicious library file, which when executed, renders the infected device as a zombie device that connects to specific command and control (C&C) servers. What is also noteworthy about this file is that it hides its routines in the dynamic library, making it difficult to […]

Category General Written by TrendLabs 0 Comments

The Latest in IT Security

Posts Tagged ‘Developers’

Rovnix bootkit framework updated

Trend Micro Fix Tool for Malicious Library File Found on 48 Utility Apps

Library File in Certain Android Apps Connects to C&C Servers

Categories

Featured

Archives

Latest Comments

About Us

Contact Us