Researchers at a recent hackers' conference have shown how it's possible to take control of a Windows 7 machine during its boot sequence.
At the recent Hack In The Box event in Dubai, security researchers Vipin Kumar and Nitin Kumar used a piece of code called VBootkit 2.0 to take full control of a Windows 7 machine during the boot process.
Windows 7 is meant to be safe from attack during the boot process, but the duo showed that the code, which is only 3KB in size, can easily be run while the OS is starting up.
The attacker can then gain remote access to the computer, change files with the highest level of administrator privileges, and then restore the system's original passwords so that the hack goes undetected.
Unfixable
"There's no fix for this. It cannot be fixed. It's a design problem," said Vipin Kumar when demonstrating the tool.
However, the threat from the software is apparently nowhere near as great as that from other internet-based hacks and viruses, as it requires the hacker to be physically present at the PC.
VBootkit 2.0 is also almost undetectable on the machine, as it focuses on altering files in the boot process, although the files are wiped when the computer is restarted.
Via Network World

Your comments (5)
lovlid
April 29th
5. @ timdot.
I wondered when one of you lot would chirp in. If Unix was anywhere near as popular, it too would be attacked. But it ain't, so go away please.
timdot
April 27th
4. Simple fix: Switch to UNIX.
milchs
April 24th
3. Bit too much hype. The tool (KON-BOOT) that seems to use the same attack technique was already released before the actual HITB conference. Furthermore it seems to be more useful to the normal user (since it enables logging into any password protected profile without a password for plenty of Linux and Windows systems at once). Try it by yourself - the tool can be downloaded here:
http://piotrbania.com/all/kon-boot/
diffydoo89
April 24th
2. Well, if the hacker has to be physically present at the PC then it's useless. Anyone can take control of your PC if they are sitting at it! Duh!
RT
www.anonymity.es.tc
lilykudrow
April 24th
1. Windows 7 - Could Microsoft Go Back Before Vista and Resurrect Longhorn?
A good read:
http://techunits.com/content/list_all/36/windows7