Posts Tagged ‘system drivers’

Back to Stuxnet: the missing link

Jun

2012

Two weeks ago, when we announced the discovery of the Flame malware we said that we saw no strong similarity between its code and programming style with that of the Tilded platform which Stuxnet and Duqu are based on. Flame and Tilded are completely different projects based on different architectures and each with their own […]

Category General Written by Securelist / Blog 0 Comments

Mediyes – the dropper with a valid signature

Mar

2012

In the last few days a malicious program has been discovered with a valid signature. The malware is a 32- or 64-bit dropper that is detected by Kaspersky Lab as Trojan-Dropper.Win32.Mediyes or Trojan-Dropper.Win64.Mediyes respectively. Numerous dropper files have been identified that were signed on various dates between December 2011 and 7 March 2012. In all […]

Category General Written by Securelist / Blog 0 Comments

64-Bit System Driver Infected and Signed After UAC Bypassed

Mar

2012

What was just a theory not so long ago is now being used in-the-wild by threats such as Backdoor.Hackersdoor and its newer variant Backdoor.Conpee. Back in December we analyzed tdpipe.sys, an infected 64-bit Windows 7 system driver. The infection consisted of an extra import added to the driver’s import table: The import named DiscPart from […]

Category General Written by Symantec Security Response Blog 0 Comments

The Latest in IT Security

Posts Tagged ‘system drivers’

Back to Stuxnet: the missing link

Mediyes – the dropper with a valid signature

64-Bit System Driver Infected and Signed After UAC Bypassed

Categories

Featured

Archives

Latest Comments

About Us

Contact Us