Jump to content
xisto Community
pyost

Invisible Malware The blue pill

By pyost, in Websites and Web Designing

Recommended Posts

pyost    0

pyost
Posted

In order to show that malicious software is present even without OS security holes, researchers have developed a prototype of malware that cannot be detected. It is invisible even on Windows Vista, which is supposed to be fully protected from these kinds of attacks. The concept Blue Pill, which is the prototype name, uses AMD's SVM/Pacifica virtualization technology and enables complete take-over of the operating system. The user is not aware of this, because everything happens without the computer being restarted, even without lowering the computer performance.

 

Blue Pill doesn't use bugs in the OS, and can be used on other operating systems, such as Linux and FreeBSD that are on a 64bit platform. Even though this was just a demonstration, not detecting malware is a big problem. Fortunately, the problem (and the solution, hopefully) has been sighted long before attacks will appear.

Share this post

Link to post
Share on other sites

Pharoah    0

Pharoah
Posted

That's cool, in a sick kind of way. I know a guy who downloads huge files from BitTorrent, things like GTA clones (he has dial-up too), and then he thinks he *might* have a virus when there are popups all over his screen. So the real question here is, how often do you guys wipe your hard drives? I never do, but i have nothing to steal.

Share this post

Link to post
Share on other sites

KDEWolf    0

KDEWolf
Posted

In order to show that malicious software is present even without OS security holes, researchers have developed a prototype of malware that cannot be detected. It is invisible even on Windows Vista, which is supposed to be fully protected from these kinds of attacks. The concept Blue Pill, which is the prototype name, uses AMD's SVM/Pacifica virtualization technology and enables complete take-over of the operating system. The user is not aware of this, because everything happens without the computer being restarted, even without lowering the computer performance.

 

Blue Pill doesn't use bugs in the OS, and can be used on other operating systems, such as Linux and FreeBSD that are on a 64bit platform. Even though this was just a demonstration, not detecting malware is a big problem. Fortunately, the problem (and the solution, hopefully) has been sighted long before attacks will appear.

 

Whoa! O_o

Theoretically it would be doomsday, then.

Where did you get this info from, I'm cusrious to know more about it. Does it work on Intel-based systems as well?

Share this post

Link to post
Share on other sites

pyost    0

pyost
Posted

That's cool, in a sick kind of way. I know a guy who downloads huge files from BitTorrent, things like GTA clones (he has dial-up too), and then he thinks he *might* have a virus when there are popups all over his screen. So the real question here is, how often do you guys wipe your hard drives? I never do, but i have nothing to steal.


Yeah, but that's the users fault. He downloads torrents and risks getting his computer infected. But he also seem like a person who cares a lot for these things. Not to mention that he could get rid off most of these virii by a single computer scan.

But this malware is different. No matter how much you try to protect yourself by using high quality anti-virus programs, you would still get infected! And it's not only a problem for regular users, but for big companies, too. We can just hope this doesn't get developed by crackers.

Share this post

Link to post
Share on other sites

yordan    10

yordan
Posted

Pyost, you have a link for where this info came from? Not that I don't trust you, just kind of curious as to the details about this.

You can find some info here for instance : http://www.eweek.com/c/a/Mobile-and-Wireless/HP-TouchPad-Needs-68-Weeks-for-Additional-Shipments-142584
It uses rootkits and a kind of virtualization.
Not downloadable yet, except for security testing purposes.

Share this post

Link to post
Share on other sites

TavoxPeru    0

TavoxPeru
Posted

In order to show that malicious software is present even without OS security holes, researchers have developed a prototype of malware that cannot be detected. It is invisible even on Windows Vista, which is supposed to be fully protected from these kinds of attacks. The concept Blue Pill, which is the prototype name, uses AMD's SVM/Pacifica virtualization technology and enables complete take-over of the operating system. The user is not aware of this, because everything happens without the computer being restarted, even without lowering the computer performance.

 

Blue Pill doesn't use bugs in the OS, and can be used on other operating systems, such as Linux and FreeBSD that are on a 64bit platform. Even though this was just a demonstration, not detecting malware is a big problem. Fortunately, the problem (and the solution, hopefully) has been sighted long before attacks will appear.

 

Thanks for the info, its really amazing all the things that the hUman can create, i hope that i never be infected by this malware, yes yes, i know, i ask too mUch :D

 

BTW, a few months ago i lost my 30GB HD especially becaUse of downloading torrents, i know that i can find good things in this format but my experience told me that the risk to get some virri is very high.

 

Best regards,

Share this post

Link to post
Share on other sites

lonebyrd    0

lonebyrd
Posted

I read something about this in a PC World magazine a few months ago. I can't find the article online unfortunaly, but it said something about this first starting from music companies. They would put this 'malware' (though I'm not even sure what that is) in the music disc that has a DVD feature on it. Then it would get into your computer. I'm not the most computer saavy person in the world, but I know it didn't sound good to me. They showed a 'cute' little picture of a computer with 'bugs' at the very bottom of it saying that nothing could get to it, not even anti-virus, or spy-ware blockers.

Share this post

Link to post
Share on other sites

pyost    0

pyost
Posted

Pyost, you have a link for where this info came from? Not that I don't trust you, just kind of curious as to the details about this.


It's a news I read in a local computer newspaper, and I can guarantee that they wouldn't provide false information - after all, they do have a 15-year-long tradition :D

Share this post

Link to post
Share on other sites

Xisle    0

Xisle
Posted

Yeah, but that's the users fault. He downloads torrents and risks getting his computer infected. But he also seem like a person who cares a lot for these things. Not to mention that he could get rid off most of these virii by a single computer scan.
But this malware is different. No matter how much you try to protect yourself by using high quality anti-virus programs, you would still get infected! And it's not only a problem for regular users, but for big companies, too. We can just hope this doesn't get developed by crackers.



You know, I read about someones virus problem the other day...

He cleaned his harddrive(reset it completely), bought new ram, ran several several virus scans with several different programs.... and he still has the virus....

And trust me, it's a virus not a computer problem...

Share this post

Link to post
Share on other sites

HellFire121    0

HellFire121
Posted

Hmm looks like if microsoft wants to get vista right it will need to have some feature to detect this, unless they release a patch later or something.I wonder what happens if the user doesn't have an amd processor but an intel 64 one, which uses it's own virtualization technology.-HellFire

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Go To Topic Listing
×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept