Stoned bootkit – attacks Server 2003, Windows Vista, Windows XP, Windows 7.

Something interesting.

What is Stoned Bootkit?

A bootkit is a boot virus that hooks and patches the Windows boot process to get itself loaded into the Windows kernel, and thus gains unrestricted access to the entire computer. It is even able to bypass full volume encryption, because the master boot record (where Stoned is stored) is not encrypted: the master boot record contains the decryption software which asks for a password and decrypts the drive. That unencrypted master boot record is the weak point, and it is what gets used to pwn your whole system. No one’s secure!

IMHO, blackhats and malware analysts are really interested in going deep and knowing in detail how this Stoned bootkit has been engineered.

Why is Stoned something new? Because it is the first bootkit that...

  • attacks Windows XP, Server 2003, Windows Vista, Windows 7 with one single master boot record
  • attacks TrueCrypt full volume encryption
  • has integrated FAT and NTFS drivers
  • has an integrated structure for plugins and boot applications (for future development)
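Because the bootkit lives in the boot code of the first sector, which stays in the clear even when the volume itself is encrypted, the practical defender's check is whether that sector still matches a known-good copy. Below is an added example, written for this page and not code from the post or from the Stoned project: it parses a 512-byte MBR image (446 bytes of boot code, four 16-byte partition entries, the 0x55AA signature), hashes the boot code, and compares both the hash and the partition table against a baseline taken when the machine was known to be clean. The sample MBR images are constructed inline; the boot code bytes are placeholders, not a real boot loader.

```python
import hashlib
import struct

MBR_SIZE = 512
BOOT_CODE_LEN = 446            # bytes 0..445: boot code (where an MBR bootkit is stored)
PART_TABLE_OFF = 446           # bytes 446..509: four 16-byte partition entries
BOOT_SIGNATURE = b"\x55\xaa"   # bytes 510..511


def build_sample_mbr(boot_code: bytes, lba_start: int = 2048, sectors: int = 204800) -> bytes:
    """Construct a minimal MBR image for the example: padded boot code,
    one bootable NTFS (type 0x07) partition, empty remaining entries, signature."""
    if len(boot_code) > BOOT_CODE_LEN:
        raise ValueError("boot code must fit in 446 bytes")
    code = boot_code.ljust(BOOT_CODE_LEN, b"\x00")
    # status, CHS start (3 bytes), type, CHS end (3 bytes), LBA start, sector count
    entry = struct.pack("<B3sB3sII", 0x80, b"\x00\x00\x00", 0x07, b"\x00\x00\x00", lba_start, sectors)
    table = entry + b"\x00" * 48          # three unused entries
    return code + table + BOOT_SIGNATURE


def parse_mbr(mbr: bytes) -> dict:
    """Split an MBR into boot-code hash, partition table and signature check."""
    if len(mbr) != MBR_SIZE:
        raise ValueError(f"expected {MBR_SIZE} bytes, got {len(mbr)}")
    partitions = []
    for i in range(4):
        off = PART_TABLE_OFF + 16 * i
        status, _chs_start, ptype, _chs_end, lba_start, sectors = struct.unpack(
            "<B3sB3sII", mbr[off:off + 16]
        )
        if ptype != 0:                    # type 0 means an empty entry
            partitions.append({
                "index": i,
                "bootable": status == 0x80,
                "type": ptype,
                "lba_start": lba_start,
                "sectors": sectors,
            })
    return {
        "boot_code_sha256": hashlib.sha256(mbr[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": partitions,
        "signature_ok": mbr[510:512] == BOOT_SIGNATURE,
    }


def check_mbr(mbr: bytes, baseline_boot_code_sha256: str, baseline_partitions: list) -> list:
    """Compare an MBR against a known-good baseline. An empty list means no findings."""
    info = parse_mbr(mbr)
    findings = []
    if not info["signature_ok"]:
        findings.append("missing 0x55AA boot signature")
    if info["boot_code_sha256"] != baseline_boot_code_sha256:
        findings.append("boot code differs from baseline (possible MBR bootkit or tampering)")
    if info["partitions"] != baseline_partitions:
        findings.append("partition table differs from baseline")
    return findings


# Constructed sample images (placeholder boot code, not a real boot loader).
KNOWN_GOOD_BOOT_CODE = b"\x33\xc0\x8e\xd0\xbc\x00\x7c\xeb\xfe"
BASELINE_MBR = build_sample_mbr(KNOWN_GOOD_BOOT_CODE)
# Same partition table, different boot code: what a boot-code overwrite looks like.
TAMPERED_MBR = build_sample_mbr(b"\x90\x90\x90\x90" + KNOWN_GOOD_BOOT_CODE)


if __name__ == "__main__":
    # On a live system the 512 bytes would come from reading the first sector of
    # the disk (e.g. \\.\PhysicalDrive0 on Windows, /dev/sda on Linux) as root.
    baseline = parse_mbr(BASELINE_MBR)
    print("baseline findings:", check_mbr(BASELINE_MBR, baseline["boot_code_sha256"], baseline["partitions"]))
    print("tampered findings:", check_mbr(TAMPERED_MBR, baseline["boot_code_sha256"], baseline["partitions"]))
```

The baseline hash and partition list should be stored off the machine (or in a signed inventory) when the disk is first provisioned; a scheduled run of `check_mbr` against a fresh read of sector 0 then catches a changed boot sector regardless of whether the volume behind it is encrypted.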

You can download the source code here:

Open Source Framework – Stoned Bootkit Framework.zip
Infector file – Infector.exe

While I was trying to play with this bootkit, my computer at home, which is running the full version of Avira AntiVir Professional, detected that http://www.stone-vienna.com contains malicious code. At least I know my WebGuard (one of the modules inside Avira AntiVir) is protecting me from malicious activity.

[Screenshot: Avira WebGuard blocking stone-vienna.com]

However, don’t let this issue put you off.

Do your homework, know your network.


2 thoughts on “Stoned bootkit – attacks Server 2003, Windows Vista, Windows XP, Windows 7.”

  1. In this grand scheme of things you actually secure an A just for effort. Where exactly you actually lost me was first in all the specifics. As they say, details make or break the argument. And it couldn’t be much more correct in this article. Having said that, let me say to you just what did give good results. The article (parts of it) is extremely persuasive and that is possibly the reason why I am taking the effort in order to opine. I do not really make it a regular habit of doing that. Second, although I can easily see leaps in reasoning you come up with, I am not really confident of just how you appear to unite the ideas which in turn make your final result. For the moment I will, no doubt, yield to your point, however I wish that in the near future you actually connect your dots better.
