McAfee maakt vandaag de resultaten bekend van een onderzoek naar de beveiligingsarchitectuur van het Microsoft Windows platform, waarin verschillende methoden zijn bestudeerd die gebruikt worden door auteurs van malware om files, processen en registratiesleutels te verbergen. De resultaten worden beschreven in de vandaag bekendgemaakte whitepaper getiteld “Rootkits deel 2: Een technische inleiding”. Deze whitepaper is bedoeld om professionals op het gebied van IT-beveiliging te helpen de technologieën te begrijpen die ‘stealth’ mogelijk maken op het Microsoft Windows platform. De bevindingen van McAfee suggereren dat nieuwe technieken de beveiligingscommunity zullen blijven uitdagen, aangezien hackers steeds sterkere en gevaarlijkere vormen van malware creëren die moeilijk te vinden en te verwijderen zijn.
Deze whitepaper is de tweede in een serie over rootkits en is als bijlage meegestuurd. De online versie is beschikbaar vanuit het McAfee Threat Center via
www.mcafee.com/us/threat_center/default.asp.
Meer informatie vindt u in onderstaand Engelstalig persbericht. Indien u interesse heeft om met iemand van McAfee te spreken of vragen heeft over onderstaand persbericht, kunt u contact opnemen met:
Text 100 Public Relations, Karin Schop
D: +31.20.530.43.47
E-mail:
karin.schop@text100.nl
PERSBERICHT
McAfee, Inc. researchers examine the technologies that make ‘stealth’ possible on the Microsoft Windows platform
Findings Suggest that new Rootkit Techniques will Continue to Challenge the Security Community
SANTA CLARA, CALIF., April 18, 2007 – McAfee, Inc. (NYSE: MFE) today announced the availability of Rootkits Part 2: A Technical Primer, a whitepaper designed to help IT security professionals better understand the technologies that make stealth possible on the Microsoft Windows platform. The whitepaper is part two in a series on rootkits, and is available for download through the McAfeeâ Threat Center:
www.mcafee.com/us/threat_center/default.asp.
Rootkits—a term commonly used to describe malware such as Trojans, worms and viruses—actively conceal its existence and actions from users and other system processes. Because rootkits use technologies to hide any trace of intrusion, the term rootkit is associated with the term “stealth.”
Rootkits Part 2: A Technical Primer examines the basic security architecture of Windows and explores several methods used by malware authors to hide files, processes and registry keys. McAfee’s findings suggest that these new techniques will continue to challenge the security community, as hackers create stronger and more virulent strains of malware that will prove difficult to detect and delete.
“The number of rootkits submitted to McAfee Avertâ Labs in the first quarter of 2007, compared to the first quarter of 2006, has decreased by 15 percent—demonstrating that we are getting better at capturing existing families and existing techniques,” said Jeff Green, senior vice president, McAfee Avert Labs. “Rootkit techniques, which were new in the first quarter of 2006, basically included Trojans that were trying to incorporate rootkit behavior. Now we see more samples from existing rootkit families, whereas new families that employ rootkit techniques have slowed down.”
Over the past five years, McAfee has seen a significant increase in the number of Windows-based stealth components. Only 27 rootkit components existed in 2001, and today almost 2400 rootkit component were found in 2006. McAfee Avert Labs expects to see more than 2,000 Windows-based stealth components by the end of 2007, demonstrating that these technologies are here to stay.
About McAfee Avert Labs
McAfee Avert Labs maintains a top-ranked global security threat and research organization, employing researchers in sixteen countries around the globe. The Labs combine world-class malicious code and anti-virus research with intrusion prevention and vulnerability research expertise.
About McAfee Inc.
McAfee, Inc., is the leading dedicated security technology company. Headquartered in Santa Clara, California, McAfee delivers proactive and proven solutions and services that secure systems and networks around the world. With its unmatched security expertise and commitment to innovation, McAfee empowers home users, businesses, the public sector and service providers with the ability to block attacks, prevent disruptions, and continuously track and improve their security.
www.mcafee.com.
###
NOTE: McAfee and Avert are registered trademarks of McAfee, Inc. and/or its affiliates in the United States and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners. © 2007 McAfee, Inc. All Rights Reserved.