‘Indestructible’ Rootkit Gets Upgrade

The Alureon rootkit has just undergone an upgrade according to Russian antivirus firm Kasperkey Labs. It has gone from version 3 to version 4.

The original version made it so that Microsoft could not download Windows Updates in an attempt to get rid of it. When Windows updated, the rootkit caused a Blue Screen of Death, so Microsoft modified the updated to scan for the presence of the rootkit and, if present, Windows would not be updated.

Alureon 4.0 now has the capability to infect 64-bit machines, create its own web hosting service within Windows (through DHCP), to remove any other types of rootkits or malicious spyware from an infected machine, to prevent any other malware on an infected machine from using the Internet, and the ability to spread itself via its own encrypted Peer-toPeer network.

But, there are defenses against this malicious software.
The first defense is not to be infected in the first place because you have up-to-date and effective anti-virus software.
The second defense against it is to format your hard drive and re-install Windows.

Aren’t computers fun?

You can read more about this here, and here.