eWeek has an interesting piece on a proof-of-concept hyperjacking rootkit that's about to do the rounds of the security shows…

“The idea behind Blue Pill is simple: your operating system swallows
the Blue Pill and it awakes inside the Matrix controlled by the ultra
thin Blue Pill hypervisor. This all happens on-the-fly (i.e. without
restarting the system) and there is no performance penalty and all the
devices,” she explained.

Rutkowska stressed that the Blue Pill technology does not rely on
any bug of the underlying operating system. “I have implemented a
working prototype for Vista x64, but I see no reasons why it should not
be possible to port it to other operating systems, like Linux or BSD
which can be run on x64 platform,” she added.

Interesting times…
