
Thread: Blue pill

  1. #1
    Senior Member DakX
    Join Date
    Jul 2005

    Blue pill

    Note: this is not about the matrix or anything related to that.

    Second note: I didn't know where to place this; because it's malware, this section seemed best to me.

    "'Blue Pill' Prototype Creates 100% Undetectable Malware"
    I read this on eweek [1] and another (Dutch) RSS feed. I went in search of the website [2]. After clicking through to the blog [3] site my fear was lessened, thank god.
    It turns out that it's still in prototype status and is still not 100% undetectable.
    About the eweek article, by the creator of "the blue pill": It suggests that I already implemented "a prototype of Blue Pill which creates 100% undetectable malware", which is not true.
    The blog further explains things about how the program works, although I have to admit that I haven't read it all. Many of the things explained there are above my limited knowledge of the computer.


    P.S. I do not mean to scare anyone, as I'm certain that someone will already have read it. I just thought I'd post about it to inform those who didn't. I hope I didn't cause a fuss or anything like that; that is not my intention.

    [1] http://www.eweek.com/article2/0,1895,1983037,00.asp
    [2] http://invisiblethings.org/
    [3] http://theinvisiblethings.blogspot.com
    [T]he future is now.

  2. #2
    Senior Member
    Join Date
    Mar 2004

    Some of you may have noticed that currently, there is a constructive - er - competition
    in progress - Joanna still claims the undetectability of her HVM rootkit[1,2],
    while others argue that they can detect it[3,4].

    The reason I am writing this post is another, however. A month ago, quite
    a nice paper[5] was published, which gives a review of the HVM situation
    and explains in some detail the development of such a rootkit.
    If you want to go further into coding, have a look at the bluepillproject[6],
    which offers some source code.


    [1] http://theinvisiblethings.blogspot.c...challenge.html
    [2] http://theinvisiblethings.blogspot.c...1_archive.html (second entry)
    [3] http://www.matasano.com/log/895/joan...t-us-prove-it/
    [4] http://rdist.root.org/2007/06/28/und...kit-challenge/
    [5] http://www.crucialsecurity.com/docum...vmrootkits.pdf
    [6] http://bluepillproject.org/
    If the only tool you have is a hammer, you tend to see every problem as a nail.
    (Abraham Maslow, Psychologist, 1908-70)
