Crucial Security Explains Hypervisor Rootkits

CHANTILLY, Va., Aug. 7 /PRNewswire/ -- Crucial Security, Inc. announced today that it has created a demonstration of how the virtualization capabilities built into modern AMD processors can be used by rootkits. A white paper is available on Crucial Security's website now. Today's presentation and source code will be available soon.

Rootkits are applications designed to take control of a computer at its most fundamental level. Rootkits employ various techniques to conceal themselves to avoid detection. Hardware-assisted Virtual Machine (HVM) rootkits are even more difficult to detect because they control access to the processor and run at a higher privilege than the operating system.

The purpose of this demonstration is to present a description of the technology for those outside the rootkit community.

Several recent technological developments and related presentations coincide with Crucial's success implementing a hypervisor on the AMD processor. At the 2007 Black Hat USA conference in Las Vegas, Joanna Rutkowska presented on "Blue Pill" hypervisor rootkits and published source code on the www.bluepillproject.org website. Thomas Ptacek of Matasano Security presented on related topics. What makes Crucial's announcement and presentation distinctive is the educational focus, including a white paper and presentation – all available via the Resources page on the company website: www.crucialsecurity.com.

The source code will not be a complete HVM rootkit, but an introduction to the technology. Crucial can provide additional information and technical briefings for interested Federal Government customers.

Vice President and Co-Founder, and Department Manager for Crucial's Internal R&D, Gary Kay said, "Crucial is fortunate to have talented engineers who developed and demonstrated this method. Sharing the method in an educational format at no cost was a great idea, and I'm happy to support it – especially as advancements in this area are moving so quickly."

Crucial Security's elite engineers and scientists support the United States Government's collection, processing, and analysis of large data sets; or as the company calls it … engineering the science of intelligence. Providing state-of-the-art technical engineering and security services, Crucial offers computer forensics, very large databases, infrastructure and engineering, security operations centers, software engineering, project management, penetration testing, training, and visualization.

SOURCE Crucial Security, Inc.
