This week Steve and I discuss Rootkits and how spyware is beginning to used this advanced hacker technique to hide from you (and removal tools). We also recommend an excellent rootkit revealer. This week's links:
- Sysinternals Rootkit Revealer rootkit scanner
- RootKit Revealer info
- Microsoft's malicious software removal tool (adding rootkit detection)
- F-Secure's new BlackLight (beta release)
- Microsoft Research Strider Ghostbuster Rootkit Detection and other useful info
- The "rootkit" web site. This site contains sample code for a number of user-mode and kernel-mode rootkits as well as ongoing discussions on how to develop rootkits.
- The legendary hacker/cracker "Phrack" web site. This site stores the archive of Phrack, a cracker-oriented magazine where developers share flaws in security-related products, rootkit techniques, and other malware tips and tricks.