Is Sleep mode safe?
If a PC has a rootkit, when it goes into sleep mode, can the rootkit do anything to it while it’s in a state of sleeping? Meaning steal data, open programs and basically do anything. Assuming it’s not a BIOS rootkit.
A newly discovered rootkit that we dub ‘Moriya’ is used by an unknown actor to deploy passive backdoors on public facing servers, facilitating the creation of a covert C&C communication channel through which they can be silently controlled. The victims are located in Africa, South and South-East Asia. Continue reading Operation TunnelSnake
Introduction
Stuxnet, for those who don’t know, is a worm that exploited 0days for the sole purpose of disrupting Iran’s nuclear power program.
Few, don’t know about another malware, which appeared way earlier than StuXNet. – Fanny.bm… Continue reading Was fanny.bmp the recon part of StuXNet’s operation? (since it was before StuXnet & is nearly identical in parts of code to StuXNet) [closed]
My client did a pentest and he gave us feedback about root detection.
So I used the RootBeer Android lib to fix root detection. In their readme, they highlighted that root detection is a "game of cat and mouse".
Once we have delivere… Continue reading What is the difference between "hooking" and "rooting"?
I was using Windows 7.
I downloaded some UNKNOWN fake cam software (for playing videos on Zoom), and installed an UNKNOWN DRIVER!!
Later, I realized the danger of rootkits.
So I upgraded my computer to Windows 10 and replaced my HDD with an SSD.
Do I… Continue reading How do I know if I have a rootkit?
I’ve posted a question (link) related to a potentially compromised computer via SSH access with root user. Although there is no evidence of a break-in, I’m considering extended measures to ensure (as much as possible) that my hardware has not been co… Continue reading What is the current (mid-2020) status of hardware rootkit/malware and possible detection/monitoring?
Following a previous question (here), I’ve been considering more extended measures to certify (not entirely though) the safety of my computer. For the sake of clarity, the compromised status of these drives would potentially come from a … Continue reading What’s the proper way to sanitize a compromised SSD/HDD RAID?
I’m planning to write a driver that unhooks the rootkit hooks in the miniport layer (hooks of device objects or major function array).
But I want my driver to be generic and work in most Windows versions and both 32- and 64-bit Windows.
The … Continue reading Are port and miniport drivers protected by PatchGuard in Windows?
So guys, I messed up with the configs in a computer and let the SSH server open to the wild with ROOT login enabled. I’m trying to assess the potential damages, which I may never know for sure.
Regrets apart, this mistake lasted for over a… Continue reading how would a 12-digit password be a safe guard in this situation?
They are talking about it. And even now can see it (I believe).
He is working as an electrician or network admin or something related (or maybe has friends in such fields).
We had a war here (not completely over yet), so can be a some soldi… Continue reading I have a win 8.1 with computer from 2008. (using local net with provider’s VPN.) How can my neighbors see my deeds on the computer? [closed]