Intel developed an anti-rootkit technique.

Prior to the incident of computer attacks via Sony's CDs, Intel has just announced it is working on a new project that helps computer users to automatically identify pre-installed dangerous software.

According to Travis Schluessler, an Intel researcher, this solution involves integrating a small chip on each motherboard (BMC) to closely monitor programs that have the right to modify the system configuration. risk of attack.

The idea in Intel's research project is to protect the system against potentially malicious "malicious" programs and to connect to the system, attack software running in the system memory - aka "rootkit" (*).

The same malicious software called "rootkits" took advantage of a flaw in the integrated anti-piracy technology for Sony's CDs to "pave the way" for hackers to hack into the computer. Security experts warned that a vulnerability created by Sony might help hackers perform undetectable attacks on the system.

Many dangerous worms and viruses, such as Slammer, Blaster, are capable of disabling programs running in permanent memory, or changing these programs to run the attacker's code, and then play Spread them over the Internet.

Schluessler said Intel did not expect the new project to take the place of antivirus or antispyware, but it would be a very good support tool for these security solutions.

However, Schluessler said that it was not until the end of 2008 or 2009 that the security project could be completed and applied on computers.

(*) Rootkit

A type of Trojan that can hide itself in files, lock the registry and connect to the network that is hard to detect. Rootkits only require very few resources to operate, and often interfere with common API (application programming interfaces). For example, it might interfere with queries to file managers like Explorer to hide themselves.

In summary, rootkits are designed for intrusion purposes and make changes that are not detected by the operating system and antivirus software.