{"id":8246,"date":"2008-01-14T13:42:02","date_gmt":"2008-01-14T12:42:02","guid":{"rendered":"https:\/\/destinationcyber.com\/?p=8246"},"modified":"2008-01-14T13:42:02","modified_gmt":"2008-01-14T12:42:02","slug":"mebroot-dernier-rootkits-en-vogue-a-deja-5000-victimes-au-compteur","status":"publish","type":"post","link":"https:\/\/destinationcyber.com\/?p=8246","title":{"rendered":"Mebroot, dernier rootkits en vogue a d\u00e9j\u00e0 5000 victimes au compteur"},"content":{"rendered":"<p>Il s&rsquo;agit cette fois d&rsquo;un rootkit suffisamment s\u00e9rieux pour faire l&rsquo;objet d&rsquo;un billet assez important sur le blog de Symantec consacr\u00e9 aux nouvelles menaces.<\/p>\n<p>Ce rootkit, que la soci\u00e9t\u00e9 a nomm\u00e9 Mebroot, s&rsquo;installe dans le MBR (Master Boot Record) du disque dur, la zone dans laquelle le syst\u00e8me d&rsquo;exploitation stocke les informations relatives aux emplacements des fichiers.<\/p>\n<p>Une fois int\u00e9gr\u00e9 dans ce secteur, Mebroot peut contr\u00f4ler l&rsquo;ensemble de la machine, en faisant notamment appel \u00e0 un malware de 467 Ko install\u00e9 dans le tout dernier secteur du disque dur.<\/p>\n<p>Selon Symantec, le probl\u00e8me principal reste que la majorit\u00e9 des syst\u00e8mes Windows permet un certain \u00e9crasement des donn\u00e9es du MBR, m\u00eame en mode utilisateur (par opposition au mode administrateur).<\/p>\n<p>Fanch<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Il s&rsquo;agit cette fois d&rsquo;un rootkit suffisamment s\u00e9rieux pour faire l&rsquo;objet d&rsquo;un billet assez important sur le blog de Symantec consacr\u00e9 aux nouvelles menaces. Ce rootkit, que la soci\u00e9t\u00e9 a nomm\u00e9 Mebroot, s&rsquo;installe dans le MBR (Master Boot Record) du disque dur, la zone dans laquelle le syst\u00e8me d&rsquo;exploitation stocke les informations relatives aux emplacements [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_citadela_custom_class":"","footnotes":""},"categories":[15],"tags":[],"class_list":["post-8246","post","type-post","status-publish","format-standard","hentry","category-securite"],"_links":{"self":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/posts\/8246","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=8246"}],"version-history":[{"count":0,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/posts\/8246\/revisions"}],"wp:attachment":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=8246"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=8246"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=8246"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}