eEye BootRoot


Cthulhu
03-05-2008, 12:22 PM
A friend of mine showed this to me today.
I searched here in the forum and I found no results: http://research.eeye.com/html/tools/RT20060801-7.html

It is an MBR rootkit developed by eEye.

It comes with source code, so I thought it was worth sharing with you.

My best regards
Cthulhu

dELTA
03-05-2008, 04:48 PM
Yep, it's a nice piece of work indeed.

JMI
03-05-2008, 09:30 PM
Thanks for sharing with our readers. Many are always looking for new tricks, even the nasty kind.

Regards,

Nico
03-19-2008, 07:11 PM
In-the-wild malware currently uses code from this PoC to infect users.

Interesting reading:

http://www2.gmer.net/mbr/

dELTA
03-20-2008, 03:14 AM
Yep, I've actually been analyzing one of these pieces of malware myself during the last weeks.

Kayaker
03-24-2008, 11:53 PM
And the story continues...

http://blog.trendmicro.com/new-mbr-rootkit-variant-mbr-rootkit-vs-anti-rootkit/

JMI
03-25-2008, 12:31 AM
Well, at least it is keeping all those malware detectors and analyzers fully employed.

Regards,