Reply To: Personal Firewalls

Home Forums Discussions General Discussion Personal Firewalls Reply To: Personal Firewalls

#5699

Vadim Smirnov
Moderator

I have always used system wide dll inject, but is there really any reason to do it when you have such privilleges on the machine? I see that things can be done easier by hijacking APIs in Kernel-Mode. (i’m still a n00b in that matter)

It’s a great luck for us that the majority of malware authors are not familier with kernel mode programming. Otherwise, numerous kernel-mode trojans… Terrific… 😯

AV companies prognose such a future, but I always hope for the better 🙄 😉