| 翻訳と辞書 |
Mebroot
Mebroot is a Master boot record based rootkit used by botnets including Torpig. It is a sophisticated trojan that uses stealth strategies to hide itself from the user. The trojan opens a back door on the victims computer which allows the attacker complete access over the computer.〔(【引用サイトリンク】url=http://www.symantec.com/security_response/writeup.jsp?docid=2008-010718-3448-99 )〕
==Payload==
The trojan infects the MBR to allow itself to start even before the operating system starts. This allows it to bypass some safeguards and embed itself deep within the operating system. It is known that the trojan can intercept read/write operations, embed itself deep within network drivers. This allows it the ability to bypass some firewalls and communicate securely, using a custom encrypted tunnel, to the command and control server. This allows the attacker to install other malware, viruses, or other applications. The trojan most commonly steals information from the victims computer, in the attempt of small financial gain. Mebroot is linked to Anserin which is another trojan that logs keystrokes and steals banking information. This gives further evidence showing that financial motive is most likely behind Mebroot.〔http://www.symantec.com/security_response/writeup.jsp?docid=2008-010718-3448-99〕
抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』
■ウィキペディアで「Mebroot」の詳細全文を読む
スポンサード リンク
| 翻訳と辞書 : 翻訳のためのインターネットリソース |
Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.
|
|