1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News Researcher develops NIC rootkit

Discussion in 'Article Discussion' started by Lizard, 24 Nov 2010.

  1. Lizard

    Lizard @ Scan R&D

    Joined:
    17 Feb 2007
    Posts:
    2,890
    Likes Received:
    34
  2. mi1ez

    mi1ez Active Member

    Joined:
    11 Jun 2009
    Posts:
    1,436
    Likes Received:
    18
    scary stuff!
     
  3. Tattysnuc

    Tattysnuc Thinking about which mod to do 1st.

    Joined:
    19 Jul 2009
    Posts:
    1,592
    Likes Received:
    55
    At what point is data encrypted? Is it encrypted on the NIC card, or by the processor. If it is the former then this is scary stuff indeed.... Big brother and all that...
     
  4. Landy_Ed

    Landy_Ed Combat Novice

    Joined:
    6 May 2009
    Posts:
    1,428
    Likes Received:
    39
    I think it's very thoughtful of him to do all the casual hackers work for them.

    Thanks, Delugré.
     
  5. wiggles

    wiggles Member

    Joined:
    9 Jun 2010
    Posts:
    227
    Likes Received:
    1
    I wonder what his motivation was for such research. Seems unscrupulous.
     
  6. liratheal

    liratheal Sharing is Caring

    Joined:
    20 Nov 2005
    Posts:
    10,656
    Likes Received:
    732
    Looking more and more like the safest machines are the ones not connected to anything at all.
     
  7. javaman

    javaman May irritate Eyes

    Joined:
    10 May 2009
    Posts:
    3,405
    Likes Received:
    72
    Time to start developing bios or even hardware based anti virus. Only way to try and stop such attacks
     
  8. eddtox

    eddtox Homo Interneticus

    Joined:
    7 Jan 2006
    Posts:
    1,296
    Likes Received:
    15
  9. paisa666

    paisa666 I WILL END YOU!!!

    Joined:
    4 Mar 2009
    Posts:
    809
    Likes Received:
    42
    Thnx to guys like this... we can be aware of the potential dangers we didnt imagine could exist and some ppl could use for the bad!!!... This is all for prevention and its good

    Ofc... now that we are aware of such a threat being possible... who says great Uncle Sam havent been using this rootkit on all of us or a long time now ¬ ¬'... Google?... ¡¡¡damn Skynet!!!
     
  10. Lazy_Amp

    Lazy_Amp Entry AMD Engineer

    Joined:
    17 Jul 2010
    Posts:
    91
    Likes Received:
    1
    I know a guy who unplugs everything from his computer when he stops using it.

    Then he locks it in an ammo box XD
     
  11. wuyanxu

    wuyanxu still wants Homeworld 3

    Joined:
    15 Aug 2007
    Posts:
    10,590
    Likes Received:
    231
    best way to prevent any form of attack is a good router with dedicated firewall for it.

    firewall software on your desktop is pretty useless IMHO. low level attack such as this will be avaliable sooner or later, because all the standards are open source, as long as someone can be bothered to look at it, they should be able to make something to do low level attack.
     
  12. The_Beast

    The_Beast I like wood ಠ_ಠ

    Joined:
    21 Apr 2007
    Posts:
    7,379
    Likes Received:
    164
    Start with Killer NIC Bigfoot owners first, most are DBs with too much money anyways
     
  13. tristanperry

    tristanperry Active Member

    Joined:
    22 May 2010
    Posts:
    906
    Likes Received:
    38
    As paisa666 says, it's good that a white hat hacker got there first.

    There will now probably be a race (between NIC manufactures and black hatters) to see who can be the first (to solve or exploit this, respectively), but at least it's out there I guess.
     
  14. Doomah

    Doomah New Member

    Joined:
    8 Oct 2009
    Posts:
    13
    Likes Received:
    0
    Who sais a white hat hacker got there first? Perhaps someone else is using this exploit for years allready.
     
  15. TheLostSwede

    TheLostSwede New Member

    Joined:
    12 Sep 2005
    Posts:
    31
    Likes Received:
    0
    Do note that this is an older PCI card, so it might very well not apply to PCI Express based NICs, nor the various kinds built into the motherboard chipsets. Then again, it's possible that a similar hack is possible for them.
     
  16. BRAWL

    BRAWL Well-Known Member

    Joined:
    16 Aug 2010
    Posts:
    2,666
    Likes Received:
    184
    Indeed it's fairly true... I mean, who do you know (Who isn't an enthusiast) who downloads windows updates will notice one file that opens all this up called "Windows Sys32 update"?

    but it's nice to see this avenue looked into aswell, especially if companies start up a nice big anti-virus hardware based stuff, be very cool for them to start doing.
     
  17. Xir

    Xir Well-Known Member

    Joined:
    26 Apr 2006
    Posts:
    5,250
    Likes Received:
    88
    Maybe he works for uncle Sam....:D
    Otherwise Uncle Sam is going to be pretty **ssed off, as they've probably been using stuff at this level for a loooong time.

    Now where's that tinfoil hat? :thumb:
     
  18. FelixTech

    FelixTech Robot

    Joined:
    12 Jun 2009
    Posts:
    357
    Likes Received:
    8
    How long before he moves on to southbridge rootkits? :O
     
  19. dark_avenger

    dark_avenger Well-Known Member

    Joined:
    9 Jul 2008
    Posts:
    1,103
    Likes Received:
    46
    Most routers enable ALL outbound traffic to pass through. Which means if the NIC makes a outbound connection it can then have two way communication.

    If the router was setup correctly to block all outbound except the ports you require it would help but then again nothing stopping them using something like port 80 which you would have open for web access.....
     
  20. thehippoz

    thehippoz New Member

    Joined:
    19 Dec 2008
    Posts:
    5,780
    Likes Received:
    174
Tags: Add Tags

Share This Page