Hacktool.Stonedbootkit and Boot.Stonedbootkit

If your computer is infected with Hacktool.Stonedbootkit and Boot.Stonedbootkit, follow the procedure on this page to contain the threat. Remove these Trojans at once, before they can further harm the system.

Hacktool.Stonedbootkit is a Trojan designed to drop a copy of Boot.Stonedbootkit. Hacktool.Stonedbootkit will replace the master boot record (MBR) with its own code to gain control of the infected computer.

Boot.Stonedbootkit, in turn, is a boot sector virus installed by Hacktool.Stonedbootkit. The two are separate Trojans that target the Master Boot Record on the victim's PC. Both share the same goal: to gain full access to the affected system.

Alias: StonedBootkit

Damage Level: High

Systems Affected: Windows 9x, 2000, XP, Windows Vista

When executed, Stonedbootkit drops numerous files and folders on the compromised system. They are placed under the folder 'Stoned', which is located on the system drive. It also creates a Plugin folder where it stores malware components.

It will make a backup copy of the original Master Boot Record (MBR) in the following location:
%SystemDrive%\Stoned\Master Boot Record.bak

To take control of the PC, this Trojan will replace the existing MBR with its own. With this method, the Trojan can hook various system files and load malicious code that overrides existing security privileges.
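The artifacts described above can be checked during triage. The following is an added example, not code from the original page: it looks for the 'Stoned' folder and the MBR backup file, parses the saved sector, and compares its boot code with the live MBR bytes supplied by the caller. The function names, the finding labels and the placement of the Plugin folder under 'Stoned' are assumptions, and the sample sectors are constructed.

```python
import hashlib
import os
import struct

SECTOR = 512

def parse_mbr(sector):
    """Split a 512-byte MBR into boot-code hash, partition entries, signature."""
    if len(sector) != SECTOR:
        raise ValueError("MBR must be exactly 512 bytes")
    parts = []
    for i in range(4):                      # four 16-byte entries at offset 446
        entry = sector[446 + 16 * i: 462 + 16 * i]
        lba, count = struct.unpack_from("<II", entry, 8)
        if entry[4]:                        # partition type 0 = unused slot
            parts.append({"active": entry[0] == 0x80, "type": entry[4],
                          "lba": lba, "sectors": count})
    return {"signature_ok": sector[510:] == b"\x55\xaa",
            "code_sha256": hashlib.sha256(sector[:440]).hexdigest(),
            "partitions": parts}

def triage(system_drive, live_mbr):
    """Return a list of findings for the artifacts the page describes."""
    findings = []
    stoned = os.path.join(system_drive, "Stoned")
    backup = os.path.join(stoned, "Master Boot Record.bak")
    if os.path.isdir(stoned):
        findings.append("stoned_folder")
    if os.path.isdir(os.path.join(stoned, "Plugin")):   # assumed location
        findings.append("plugin_folder")
    if os.path.isfile(backup):
        findings.append("mbr_backup")
        with open(backup, "rb") as fh:
            saved = fh.read()
        # A valid saved sector whose boot code differs from the live one
        # means the MBR was rewritten after the backup was taken.
        if len(saved) == SECTOR and parse_mbr(saved)["signature_ok"]:
            if parse_mbr(saved)["code_sha256"] != parse_mbr(live_mbr)["code_sha256"]:
                findings.append("live_boot_code_differs_from_backup")
    return findings

def make_sector(code_byte):
    """Constructed sample MBR: filler boot code, one active NTFS partition."""
    entry = struct.pack("<B3sB3sII", 0x80, b"\0" * 3, 0x07, b"\0" * 3, 2048, 409600)
    return bytes([code_byte]) * 440 + b"\0" * 6 + entry + b"\0" * 48 + b"\x55\xaa"
```

On a real system, `live_mbr` is the first 512 bytes of the boot disk, read with administrative rights or from a forensic image.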

Once the Trojan accomplishes its tasks, it may notify the attacker about the infection. The attacker may then use Stonedbootkit to gain full access to the compromised PC.

Hacktool.Stonedbootkit primarily spreads through spam operations, in the form of either email or Internet campaigns. The Trojan will infect web sites through vulnerabilities. It will then inject code commonly used in the drive-by-download method to infect visitors. Authors of this Trojan also embed the code into downloadable executable files that are mostly hosted on unsecured file-sharing networks or peer-to-peer connections.
