pyost

Invisible Malware The blue pill


In order to show that malicious software is present even without OS security holes, researchers have developed a prototype of malware that cannot be detected. It is invisible even on Windows Vista, which is supposed to be fully protected from these kinds of attacks. The concept Blue Pill, which is the prototype name, uses AMD's SVM/Pacifica virtualization technology and enables complete take-over of the operating system. The user is not aware of this, because everything happens without the computer being restarted, even without lowering the computer performance.

 

Blue Pill doesn't use bugs in the OS, and can be used on other operating systems, such as Linux and FreeBSD that are on a 64bit platform. Even though this was just a demonstration, not detecting malware is a big problem. Fortunately, the problem (and the solution, hopefully) has been sighted long before attacks will appear.


That's cool, in a sick kind of way. I know a guy who downloads huge files from BitTorrent, things like GTA clones (he has dial-up too), and then he thinks he *might* have a virus when there are popups all over his screen. So the real question here is, how often do you guys wipe your hard drives? I never do, but I have nothing to steal.


In order to show that malicious software is present even without OS security holes, researchers have developed a prototype of malware that cannot be detected. It is invisible even on Windows Vista, which is supposed to be fully protected from these kinds of attacks. The concept Blue Pill, which is the prototype name, uses AMD's SVM/Pacifica virtualization technology and enables complete take-over of the operating system. The user is not aware of this, because everything happens without the computer being restarted, even without lowering the computer performance.

 

Blue Pill doesn't use bugs in the OS, and can be used on other operating systems, such as Linux and FreeBSD that are on a 64bit platform. Even though this was just a demonstration, not detecting malware is a big problem. Fortunately, the problem (and the solution, hopefully) has been sighted long before attacks will appear.

 

Whoa! O_o

Theoretically it would be doomsday, then.

Where did you get this info from? I'm curious to know more about it. Does it work on Intel-based systems as well?


That's cool, in a sick kind of way. I know a guy who downloads huge files from BitTorrent, things like GTA clones (he has dial-up too), and then he thinks he *might* have a virus when there are popups all over his screen. So the real question here is, how often do you guys wipe your hard drives? I never do, but I have nothing to steal.


Yeah, but that's the user's fault. He downloads torrents and risks getting his computer infected. But he also seems like a person who cares a lot for these things. Not to mention that he could get rid of most of these viruses with a single computer scan.

But this malware is different. No matter how much you try to protect yourself by using high quality anti-virus programs, you would still get infected! And it's not only a problem for regular users, but for big companies, too. We can just hope this doesn't get developed by crackers.


Pyost, you have a link for where this info came from? Not that I don't trust you, just kind of curious as to the details about this.

You can find some info here, for instance: http://www.eweek.com/c/a/Mobile-and-Wireless/HP-TouchPad-Needs-68-Weeks-for-Additional-Shipments-142584
It uses rootkits and a kind of virtualization.
Not downloadable yet, except for security testing purposes.


In order to show that malicious software is present even without OS security holes, researchers have developed a prototype of malware that cannot be detected. It is invisible even on Windows Vista, which is supposed to be fully protected from these kinds of attacks. The concept Blue Pill, which is the prototype name, uses AMD's SVM/Pacifica virtualization technology and enables complete take-over of the operating system. The user is not aware of this, because everything happens without the computer being restarted, even without lowering the computer performance.

 

Blue Pill doesn't use bugs in the OS, and can be used on other operating systems, such as Linux and FreeBSD that are on a 64bit platform. Even though this was just a demonstration, not detecting malware is a big problem. Fortunately, the problem (and the solution, hopefully) has been sighted long before attacks will appear.

 

Thanks for the info, it's really amazing all the things that humans can create. I hope that I never get infected by this malware. Yes, yes, I know, I ask too much :D

BTW, a few months ago I lost my 30GB HD, mainly because of downloading torrents. I know that I can find good things in this format, but my experience tells me that the risk of getting some viruses is very high.

 

Best regards,


I read something about this in a PC World magazine a few months ago. I can't find the article online unfortunately, but it said something about this first starting from music companies. They would put this 'malware' (though I'm not even sure what that is) in the music disc that has a DVD feature on it. Then it would get into your computer. I'm not the most computer savvy person in the world, but I know it didn't sound good to me. They showed a 'cute' little picture of a computer with 'bugs' at the very bottom of it saying that nothing could get to it, not even anti-virus, or spy-ware blockers.


Pyost, you have a link for where this info came from? Not that I don't trust you, just kind of curious as to the details about this.


It's news I read in a local computer newspaper, and I can guarantee that they wouldn't provide false information - after all, they do have a 15-year-long tradition :D


Yeah, but that's the user's fault. He downloads torrents and risks getting his computer infected. But he also seems like a person who cares a lot for these things. Not to mention that he could get rid of most of these viruses with a single computer scan.
But this malware is different. No matter how much you try to protect yourself by using high quality anti-virus programs, you would still get infected! And it's not only a problem for regular users, but for big companies, too. We can just hope this doesn't get developed by crackers.



You know, I read about someone's virus problem the other day...

He cleaned his hard drive (reset it completely), bought new RAM, ran several virus scans with several different programs.... and he still has the virus....

And trust me, it's a virus not a computer problem...


Hmm, looks like if Microsoft wants to get Vista right it will need to have some feature to detect this, unless they release a patch later or something. I wonder what happens if the user doesn't have an AMD processor but an Intel 64 one, which uses its own virtualization technology.

-HellFire

