Friday, April 4, 2008

PandaLabs 1st Quarter 2008 report and MBR Trojans

Panda Labs has issued their first quarter quarterly report. You can see it here. Under the first quarter trend, it is noted that trojans are making up the biggest percentage of distribution channels for malware. Also noted were new methods for distributing malware through exploits.

To me, one of the biggest announcements in the document is that we are seeing a return of MBR exploits; though not with a virus but a rootkit. If I have it right, a rootkit hidden in the MBR will be active every time the system starts up. This would be tough to detect.

From the article (p. 19):
Stealth techniques aimed at carrying out almost-invisible silent infections are evolving.
Other topics discussed in the article are: a recap of Storm Worm over the last year, Multi-AV scanners, Web 2.0 attacks, and the latest attacks on mobile phones.

The article is definitely a great read. I have already sent it to a couple of sys admins that I know don't take security that serious.

No comments:

Post a Comment