Trojan.Srizbi In The Kernel

Have you read about the Srizbi Trojan? It runs in kernel mode and is supposedly a bit difficult to remove. I learned about it over at Symantec's Web site where they've posted some technical details.

Intruders are using MPack, which I wrote an editorial about last week, to get the Trojan installed onto people's computers. You can read a bit more about that aspect in Symantec's blog, where they reveal that so far the Trojan sends spam and appears to be in a beta state of development. If that's the case, then it might take on a more insidious nature in the future.
