If you followed or attended the recent Blackhat conference you may have heard a talk given by Peter Kleissner regarding his recent work on “Stoned Bootkit.” A bootkit is a boot virus that is able to hook and patch Windows to get loaded into the Windows kernel and thus getting unrestricted access to the entire computer. It is even able to bypass full volume encryption because the master boot record (where Stoned is stored) is not encrypted. The master boot record contains the decryption software which asks for a password and decrypts the drive. This is the weak point, the master boot record, which will be used to pwn your whole system. No one’s secure!

Peter even demonstrates getting past TrueCrypt’s full disk encryption.

Stoned-Vienna Bootkit Introduction from PaulDotCom on Vimeo.

For more info: http://www.stoned-vienna.com/

This entry was posted on Friday, August 21st, 2009 at 1:26 pm by Tim Donaworth and is filed under hacking. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.