MemeStreams | MemeStreams Discussion

Create an Account

This page contains all of the posts and discussion on MemeStreams referencing the following web page: F-Secure : News from the Lab. You can find discussions on MemeStreams as you surf the web, even if you aren't a MemeStreams member, using the Threads Bookmarklet.

F-Secure : News from the Lab
by dmv at 12:50 pm EDT, Oct 10, 2005

The most notable feature of this non-public Golden Hacker Defender is it's anti-detection engine. It is able to bypass most of the modern rootkit detectors. The anti-detection engine identifies detectors through a binary signature before the detector has a chance to execute. If the signature matches, the rootkit can disable some of its hooks or it can patch the detector's binary to modify its functionality.

The obvious conclusion? It is time for an anti-detector-detector detector!