By Jeremy Kirk, IDG news service
A rootkit uncovered in the wild in December is proving to be a real headache to detect, according to Finnish security company F-Secure.
The "Mebroot," rootkit infects the master boot record (MBR), the first sector of a PC's hard drive that the computer looks to before loading the operating system. Since it loads before anything else, Mebroot is nearly invisible to security software.
"You can't execute any earlier than that," said Mikko Hypponen, F-Secure's chief research officer.
A rootkit is a malicious program that hides deep in a computer's operating system and can be difficult to remove.
Since December, Hypponen said it's seen alpha and beta versions of the Mebroot rootkit but believes it has now been RTMed, the term usually used for a legitimate piece of software that's entered production after testing.