Most Sophisticated Rootkit Getting an Overhaul 104
jfruhlinger writes "TDL4, a rootkit that helps build a powerful botnet, is pegged by security vendor ESET as one of the most sophisticated pieces of malware in the world. But its creators aren't resting on their laurels; they're rewriting some of the code from the ground up to make it difficult for antimalware to detect it, creating a hidden boot partition that guarantees malware code will be loaded even before the operating system is. It's part of a plan to turn TDL4 into a turnkey product that can be sold to other criminal operations."
Re:Next up, antimalware built into boot sectors. (Score:5, Informative)
Floppies have no internal logic capable of acting on the switch state, it is entirely up to the floppy drive to sense and obey. SD cards do have an internal controller, and could theoretically enforce write-blocking on themselves; but they don't. Their switch is also just a little plastic tab, and it is entirely up to the reader to sense and obey the tab position. The card's PCB has no connection at all to the switch, and has no way of sensing its position...