NEWS FROM THE LAB - Wednesday, March 30, 2005

Money: Rootkit authors go for gold Posted by Mika @ 11:17 GMT

There has been numerous posts on this weblog of spammers and virus writers making money out of their criminal activities. Now rootkit authors are joining in. The author of a common rootkit called Hacker Defender has been selling undetection service for his products for some time now. Previously he only sold undetection against anti-virus products, but now his new "Golden Hacker Defender" is marketed as being able to hide from a number of rootkit detection tools, including our current F-Secure BlackLight beta. Hacker Defender is a user-mode rootkit/trojan that includes a built-in hidden backdoor. Apparently Golden Hacker Defender license costs 390 euros (about 500 US dollars).

Golden Hxdef Factsheet (6k image)

We recommend you spend your money on something else. As rootkits keep adopting new techniques, BlackLight will follow suit. This is where you can help by sending us samples whenever BlackLight finds something suspicious on your computer!