The notorious <A HREF="http://www.infoworld.com/article/07/07/05/Mpack-installs-ultrainvisible-Trojan_1.html">Mpack hacker toolkit is installing malware</A> that carries out its chores--including spewing spam--from within the Windows kernel, making it extremely difficult for security software to detect it, Symantec said Thursday.
The Trojan horse that Symantec has dubbed "Srizbi" is being dropped onto some PCs by the multi-exploit Mpack, a ready-to-use attack application that until recently has been selling for around $1,000. Responsibility for a large-scale attack launched from thousands of hijacked Web sites last month was pinned on Mpack, as was a follow-up campaign waged from compromised Internet porn sites.