While Absolute Software is a legitimate company and information about Computrace product is available on the company's official website, I'm not going to repeat their research here, as it's pretty extended. I advise you to read their post, as it provides excellent information as well. Secondly, there has been research from Kaspersky as well on the subject, read their blog post here: Absolute Computrace Revisited This activity is also consistent with rootkit behavior, the only difference being that rootkits are generally malicious, while anti-theft technologies act as a form of protection against thieves. In order to be an effective system, the anti-theft agent must be stealthy, must have complete control of the system, and most importantly, must be highly persistent because wiping of the whole system most often occurs in the case of theft. Why would this be an issue? First of all, there has been some excellent research by Anibal Sacco and Alfredo Ortega here: Deactivate the Rootkit, in which they describe attacks on BIOS anti-theft technologies, which Absolute also offers. In the firewall, he saw tons of outgoing connections to a certain server:Įach second outgoing connection to Ī quick Google search revealed this was actually part of Absolute's Computrace tool - aka Absolute Persistence. Not too long ago my friend and colleague from Sweden, Jimmy, contacted me in regards to a strange issue. How to remove or uninstall Absolute Computrace How to determine if you have Absolute Computrace installed ![]() ![]() Binaries & BIOS information & characteristics
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |