Rootkit unearthed in network security software
November 28 2008
Rootkit unearthed in network security software
Researchers have unearthed rootkit-like functionality in an enterprise security product. Network security software from a Chinese developer includes processes deliberately hidden from a user and, even worse, a hidden directory, Trend Micro reports. Files in the hidden directory could exist below the radar of antivirus scanners, potentially creating a stealthy hiding place for computer viruses that their creators might seek to exploit.
Trend Micro has written to the software developers involved in what looks like a case of misguided software design, rather than anything worse. Pending a fix from software developers, Trend Micro has slapped a "hacking tool" warning on the rootkit-like component of the network security tool (called HKTL-BRUDEVIC).
It doesn't name the developers except to say they are the same firm which bundles rootkit-like software with USB storage devices featuring fingerprint authentication.
Sony got a further black eye from issues with its MicroVault USM-F fingerprint reader software last year, which emerged a little over two years after its thorough mauling for including rootkit functionality on its music CDs. The feature, designed to stop fans ripping music tracks, created a security hole exploited by a number of Trojans.Reproduced from an article published by The Register
© The Register
The original article can be viewed here:
http://www.theregister.co.uk/2008/11/28/network_security_rootkit/
Permalink Bookmark Digg this story
Get the Industry's top stories delivered straight to your inbox...
