Your new post is loading...
Fast forward to the present, and a second BIOS rootkit - dubbed Niwa!mem - has been detected by McAfee. Initially a rootkit that infected the Master Boot Record (MBR), its latest variant became a "BIOSkit".
"The malware overwrites the original MBR in sector 0 and writes the file to be dropped (the downloader) in hidden sectors. The DLL copies itself to the Recycle folder and deletes itself. The downloader is dropped and executed every time the system is started," the researchers explain.
Read more:
http://www.net-security.org/malware_news.php?id=2143
