A forum for reverse engineering, OS internals and malware analysis 

 #19392  by Victor43
 Thu May 23, 2013 1:43 pm
Hello everyone.

I was hoping anyone could give me advice on how to go about learning the behaviors of the latest rootkit threats? I would like to learn of their hiding techniques and techniques they use to filter data out to their C&C servers?

Any advice would be greatly appreciated.

Victor
 #19393  by EP_X0FF
 Thu May 23, 2013 1:54 pm
There is no such thing as "latest" rootkits. All rootkits ITW are at a 2005-2006 technology level. I would recommend starting from something really old, like Haxdef, next take Haxdoor, next Rustock, next Sinowal, next TDSS, next ZeroAccess. That is all.