Security Incidents mailing list archives

Re: Re: NKADM rootkit

From: "soccer4net () netzero com" <soccer4net () netzero com>
Date: Thu, 27 May 2004 14:43:23 GMT


The fact that Norton doesn't pick it up is no indication that this something new.  Looks like you've got your usual 
assortment of FXPers tools.  Any warez dude/skiddie worth his salt will compress the binaries e.g. Morphine, making 
them undectectable by the AV.  If they're real advanced they will modify the signature itself with a hex utility.

________________________________________________________________
The best thing to hit the Internet in years - NetZero HiSpeed!
Surf the Web up to FIVE TIMES FASTER!
Only $14.95/ month -visit www.netzero.com to sign up today!

Current thread:

Re: Re: NKADM rootkit Jeremy Pollack (May 26)
- Re: NKADM rootkit Harlan Carvey (May 26)
- <Possible follow-ups>
- Re: Re: NKADM rootkit soccer4net () netzero com (May 27)