The dark side of open source software is Stoned
September 7, 2009 – 8:12 PM
A rootkit is a piece of software which, for nefarious purposes, aims to run undetected on your computer. It will hide itself from process listings and will seek to interfere with the ordinary running of your system to fulfil its own purposes.
A bootkit is a particular type of rootkit which kicks in when the computer boots and before any operating system has loaded. This can make it even more dangerous because it has full access to the system and cannot be removed by merely inspecting the operating system’s list of start-up services.
Austrian hacker Peter Kleissner has released the world’s first ever open source bootkit framework called Stoned Bootkit, named in dubious honour of an early boot sector computer virus called “Stoned.”
Stoned Bootkit aims to attack all versions of Microsoft Windows from XP through to the brand new Windows 7, including Server releases. Stoned loads before Windows starts and remains in memory, and comes with its own file system drivers, a plug-in engine and a collection of Windows “pwning” tools.
Stoned Bootkit also claims to be the first bootkit that breaks TrueCrypt encryption as well as working with traditional FAT and NTFS disk volumes.
This means with Stoned you can install any software you choose – a Trojan horse, say – onto any computer running Windows. You do not need to know any passwords and it does not matter if the file system is encrypted.