What is a rootkit? (Avira)
#1
https://www.avira.com/en/blog/what-is-a-...w-19101225

What is a Rootkit? How it works and what you can do to protect your PC
10 September 2020 by Jaime-Heather Schwartz and Nils Matthiesen 14 hours ago

Rootkits might be some of the most dangerous malware because of their ability to go undetected. With the ability to remain hidden, rootkits enable a cybercriminal to remotely control your computer and steal sensitive information like your credit card or online banking credentials. Here’s a detailed look at how rootkits work and how you can protect yourself and your PC.

What is a rootkit?

A combination of the two words, “root” and “kit”, rootkits were originally a collection of tools that enabled administrator access to a computer or network. “Root” refers to the administrator account on Unix and Linux systems, while “kit” refers to the software components designed to take control of a PC without the user knowing. Nowadays, rootkits are considered a type of malware like trojans or worms.

In theory, a rootkit is not necessarily harmful, but what makes it dangerous is that it hides its activities and those of other malware. For example, a rootkit can hide a keylogger that records your keystrokes and secretly sends passwords and other confidential information over the Internet. A rootkit can also allow criminals to use your computer for illegal purposes, such as DDoS attacks or to send mass spam. So, it’s best to think of a rootkit as a kind of cloak of invisibility for other malicious programs.

Types of rootkits

Although rootkits have been around for several decades, they’re continually evolving, becoming increasingly difficult to detect. Some of the most well-known malware families utilize rootkits to avoid detection and removal, for example Sirefef, Rustock, Cutwail, and the Alureon and Sinowal trojans. Below are examples of some specific types of rootkits:

Kernel mode rootkits target your computer’s core operating system in order to change how it functions. By adding their own code, cybercriminals can gain access to your computer for easy access to your personal information.

Hardware or firmware rootkits are named for where they are installed on your computer. Instead of targeting your operating system, they go after the software that runs certain hardware components. They can affect your hard drive, the system BIOS, or even your router in order to intercept data written on the disk.

Bootloader rootkits attack your computer’s bootloader and replace it with a hacked one. This makes them especially dangerous as they’re activated even before you turn on your computer’s operating system.

Memory rootkits hide in the RAM of your computer and will carry out damaging activities in the background.

Application rootkits replace standard files and might change the way standard applications function. They can infect various programs, and each time one is run, you give the cybercriminal access to your computer.
#2
Thanks for sharing, mrtrout