Researcher Offers Tool to Hide Malware in .NET
Jeremy Kirk writes on InfoWorld:
A computer security researcher has released an upgraded tool that can simplify the placement of difficult-to-detect malicious software in Microsoft's .Net framework on Windows computers.
The tool, called .Net-Sploit 1.0, allows for modification of .Net, a piece of software installed on most Windows machines that allows the computers to execute certain types of applications.
Microsoft makes a suite of developer tools for programmers to write applications compatible with the framework. It offers developers the advantage of writing programs in several different high-level languages that will all run on a PC.
.Net-Sploit allows a hacker to modify the .Net framework on targeted machines, inserting rootkit-style malicious software in a place untouched by security software and where few security people would think to look, said Erez Metula, the software security engineer for 2BSecure who wrote the tool.
"You'll be amazed at how easy it is to devise an attack," Metula said during a presentation at the Black Hat security conference in Amsterdam on Friday.