PDA

View Full Version : Undetectable Malware Threatens Windows Vista


davidh
June 29th, 2006, 05:53 PM
Undetectable "Blue Pill" Malware Threatens Windows Vista

"A security researcher in Singapore found a way to create malware that's
100% undetectable on Windows, even on Windows Vista. The technology,
entitled the "Blue Pill," uses AMD's SVM/Pacifica virtualization
technology to create an ultra-thin hypervisor that takes complete control
of the underlying operating system. The researcher explained, "The idea
behind Blue Pill is simple: your operating system swallows the Blue Pill
and it awakes inside the Matrix controlled by the ultra thin Blue Pill
hypervisor. This all happens on-the-fly (i.e. without restarting the
system) and there is no performance penalty." A working prototype of
the Blue Pill will be unveiled at the Black Hat Briefings on the same day
that Microsoft is scheduled to show off some of the key security features
of Windows Vista. I bet Bill's not too happy about that timing."

SCM/Pacifica Virtualization Technology:
http://ct.eletters.whatsnewnow.com/rd/cts?d=181-688-1-370-1104768-37255-0-0-0-1
Microsoft Has a Big Date Set with 'Black Hat ' Hackers:
http://ct.eletters.whatsnewnow.com/rd/cts?d=181-688-1-370-1104768-37258-0-0-0-1

davidh
June 29th, 2006, 05:59 PM
http://isc.sans.org/diary.php?storyid=1451&rss

Judy G. Russell
June 29th, 2006, 08:20 PM
Undetectable malware. What fun... I knew there were reasons I didn't want to even think about Vista...