Microsoft Research and a team from the Univestity of Michigan have developed "Subvirt", a Virtual Machine Based Rootkit that is installed underneath the installed operating system. A computer would boot the rootkit, whitch in it's turn would load the existing operating system in a virtual machine. While the user unknowingly works in that virtual environment, a second, hidden virtual machine would perform all kind of devious tasks. A rootkit like this would be independant of the operating system, meaning it could work on windows, linux etc.. more at http://www.eecs.umich.edu/virtual/papers/king06.pdf http://www.eweek.com/article2/0,1895,1936666,00.asp http://research.microsoft.com/csm/CSM_Publications.htm understandibly, the IT security world is in something of an uproar - there's a lot of discussion about a supposedly undetectable rootkit which uses virtual machine technology. Such SUPER (VM) ROOTKITS as they are being called will usher in a new dimensuion of malware ! Its deception techniques are said to be so good that at one point even its creators had difficulties unmasking it ! An unsuspecting person working on his seemingly clean computer, is sure to get a shock if he were to know that the super-rootkit had become active inconspicuosly... Though MS has kept the super-rootkit under lock-n-key wonder how long it will take for hackers to introduce its variant on the net... Time to get set for a cool new ride, ehh ! The news is slightly old, but did not see it covered here.