Zombie browsers spiced with rootkit extensions (Hacker Hotshots: Zoltan Balazs)

Henry Dalziel | General Hacking Posts, Hacker Hotshots | February 1, 2013

On Thursday, February 7th, at 1200 EST, we have Zoltan Balazs on Hacker Hotshots talking about “Zombie Browsers Spiced With Rootkit Extensions.”

What are Rootkit Extensions?
Let us agree to define a “rootkit” as a stealthy type of software designed to be inconspicuous and generally to do bad stuff. The “root” bit of the word indicates that the malicious program runs at an administrative level. Basically, if this is the first time you have heard the term, then yeah, it's a bad thing.

Zoltan gave this presentation a few times in 2012, which you can see here and here – and this will be a great opportunity to bone up on the material and ask questions, since our talk will be live and online.

Our understanding (and we look forward to being corrected by Zoltan!) is that browsers are becoming the new operating system – with ChromeOS being the best example. Despite this trend, Zoltan argues that as browsers grow in importance they slightly lag in terms of security. To demonstrate this, he has created a browser rootkit, which works in a command-and-control architecture.

The main features of his rootkit are the ability to:

  • Steal cookies – e.g. thereby circumventing two-factor authentication
  • Steal passwords (from the browser password manager or from the DOM)
  • Upload and download files from the client browser
  • Execute JavaScript and executables on Windows
  • and much more which we hope Zoltan will share!

Again – here is the link for the live presentation and talk – please join us; if you can't make it, it will be recorded (just check the link at the start of this sentence).
