[Updated] Stoned Bootkit released
Stoned Bootkit is a new Windows bootkit which attacks all Windows versions from XP up to 7. It is loaded before Windows starts and is memory resident up to the Windows kernel. Thus Stoned gains access to the entire system. It has exciting features like integrated file system drivers, automatic Windows pwning, plugins, boot applications and much, much more. The project is partly published as open source under the European Union Public License. Like in 1987, "Your PC is now Stoned! ..again".
A bootkit is a boot virus that is able to hook and patch Windows to get loaded into the Windows kernel, thus gaining unrestricted access to the entire computer. It is even able to bypass full volume encryption, because the master boot record (where Stoned is stored) is not encrypted. The master boot record contains the decryption software which asks for a password and decrypts the drive. This is the weak point: the master boot record, which will be used to pwn your whole system. No one's secure!
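Since the master boot record sits outside the encrypted volume, its integrity has to be checked separately. The following added example (not part of the Stoned project or the original post) parses a 512-byte MBR and compares a hash of its boot-code area with a recorded baseline; the function names and the sample sector are constructed for illustration.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440      # bootstrap code area of a modern MBR
DISK_SIG_OFF = 440       # 4-byte disk signature, changes legitimately
PART_TABLE_OFF = 446     # four 16-byte partition entries
BOOT_SIG = b"\x55\xaa"   # bytes 510-511

def parse_mbr(sector: bytes) -> dict:
    """Split a 512-byte MBR into boot-code hash, disk signature, partitions."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("MBR must be exactly 512 bytes")
    if sector[510:512] != BOOT_SIG:
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for i in range(4):
        off = PART_TABLE_OFF + 16 * i
        status, ptype = sector[off], sector[off + 4]
        lba_start, count = struct.unpack_from("<II", sector, off + 8)
        if ptype != 0:  # type 0 marks an unused slot
            partitions.append({"active": status == 0x80, "type": ptype,
                               "lba_start": lba_start, "sectors": count})
    return {
        # Hash only the code area: disk signature and partitions may change.
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "disk_signature": struct.unpack_from("<I", sector, DISK_SIG_OFF)[0],
        "partitions": partitions,
    }

def boot_code_changed(sector: bytes, baseline_sha256: str) -> bool:
    """True when the boot code no longer matches the recorded baseline."""
    return parse_mbr(sector)["boot_code_sha256"] != baseline_sha256

def constructed_mbr(boot_code: bytes, disk_sig: int = 0x1234ABCD) -> bytes:
    """Build a sample sector for the demo (constructed, not a real disk)."""
    sector = bytearray(SECTOR_SIZE)
    sector[:len(boot_code)] = boot_code
    struct.pack_into("<I", sector, DISK_SIG_OFF, disk_sig)
    # One active partition, type 0x07, starting at LBA 2048.
    struct.pack_into("<B3xB3xII", sector, PART_TABLE_OFF, 0x80, 0x07, 2048, 204800)
    sector[510:512] = BOOT_SIG
    return bytes(sector)

if __name__ == "__main__":
    clean = constructed_mbr(b"\x90" * 64)
    baseline = parse_mbr(clean)["boot_code_sha256"]
    print(boot_code_changed(clean, baseline))
    print(boot_code_changed(constructed_mbr(b"\xcc" * 64), baseline))
```

Because the bootkit is described as memory resident, read the sector for this check from trusted offline boot media rather than from the running Windows installation.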
For whom is Stoned Bootkit interesting?
- Black Hats
- Law enforcement agencies
- Microsoft
Why is Stoned something new? Because it is the first bootkit that:
- attacks Windows XP, Server 2003, Windows Vista, Windows 7 with one single master boot record
- attacks TrueCrypt full volume encryption
- has integrated FAT and NTFS drivers
- has an integrated structure for plugins and boot applications (for future development)
The list of plugins integrated with "Stoned BootKit":
- CO2-Plugin
- PE Infector
- File Parsers
- HibernationFile Attack
- PagefileInjector
- Music Melody!
- BootPassword Crack
- AntiWPA
- Persistent BIOSInfector
Stoned Bootkit keynote at HAR2009
Tool Submitted by Maximilano Soler