Popular Rootkit Examples

  • Lane Davis and Steven Dake wrote the first known rootkit in the early 1990s.
  • NTRootkit was one of the earliest malicious rootkits targeting the Windows operating system.
  • HackerDefender, an early Trojan, modified and augmented the OS at the lowest level of function calls.
  • Machiavelli, the first rootkit for Mac OS X, was released in 2009. This rootkit generates covert system calls and kernel threads.
  • Greek wiretapping: In 2004/05, attackers built a rootkit that targeted Ericsson’s AXE PBX.
  • Zeus, discovered in July 2007, is a Trojan horse that steals financial information using man-in-the-browser keystroke logging and form grabbing.
  • Stuxnet is the first known rootkit for industrial control systems.
  • Flame is malware, discovered in 2012, that infects machines running the Windows operating system. It can capture audio, screenshots, keyboard activity, and network traffic.

What is a Rootkit?

The term rootkit is derived from the words “root” and “kit.” The terms “root,” “admin,” “superuser,” and “system admin” all refer to a user account with administrative privileges in an operating system, while “kit” refers to a collection of software tools. A rootkit is therefore a collection of tools that grants someone the most powerful capabilities in a system. Let’s briefly discuss this.

What is a Rootkit?

A rootkit is a malicious software tool or program that allows a threat actor to gain access to, and take remote control of, a computer or other system. While there are legitimate uses for this kind of software, such as remote end-user support, the majority of rootkits create a backdoor on victims’ computers so that harmful programs, such as viruses, ransomware, keyloggers, or other malware, can be introduced, or so that the system can be used as a platform for further attacks on the network. Rootkits commonly try to stop antivirus and endpoint antimalware software from detecting the malicious software they carry....

How Does a Rootkit Function?

Rootkits are unable to spread on their own, so they must infect systems through covert techniques. When unsuspecting users allow rootkit installer programs to run on their systems, the rootkits install themselves and remain hidden until the attackers activate them. Rootkits carry malicious software such as banking credential stealers, password stealers, keyloggers, antivirus disablers, and bots used in distributed denial-of-service attacks....
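The defining property described above, that a rootkit stays hidden from the normal process and file listings a user or antivirus product relies on, is also what a defender can check for. The following is an added example, not code from the original article: a Linux cross-view process check in the style of tools such as unhide. It compares the PIDs visible in a directory listing of /proc (the view a readdir-filtering rootkit tampers with) against the PIDs that answer to kill(pid, 0) (a per-PID kernel lookup that is much harder to filter consistently). Function names, the verdict labels and the constructed status text are this example's own assumptions.

```python
"""Cross-view process enumeration: a simple hidden-process check (Linux).

Added example, not part of the original article. A process-hiding rootkit
typically filters the entries returned when /proc is listed, while the
kernel still answers per-PID queries such as kill(pid, 0) and opening
/proc/<pid>/status. A PID that exists in the second view but not the first
is a candidate hidden process.
"""
import os
from typing import Dict, Optional, Set


def listed_pids() -> Set[int]:
    """PIDs visible through an ordinary directory listing of /proc."""
    return {int(name) for name in os.listdir("/proc") if name.isdigit()}


def probed_pids(max_pid: int) -> Set[int]:
    """PIDs that exist according to kill(pid, 0), probing 1..max_pid.

    Signal 0 delivers nothing: ESRCH (ProcessLookupError) means no such
    process, EPERM (PermissionError) means it exists but is not ours.
    """
    found: Set[int] = set()
    for pid in range(1, max_pid + 1):
        try:
            os.kill(pid, 0)
            found.add(pid)
        except ProcessLookupError:
            continue
        except PermissionError:
            found.add(pid)
    return found


def tgid_from_status(status_text: str) -> Optional[int]:
    """Parse the Tgid field out of the text of /proc/<pid>/status."""
    for line in status_text.splitlines():
        if line.startswith("Tgid:"):
            return int(line.split(":", 1)[1].strip())
    return None


def classify(pid: int, listed: Set[int], status_text: Optional[str]) -> str:
    """Classify a PID that answered kill(pid, 0). Verdict labels are ours.

    "listed"    - also present in the /proc listing, nothing to report
    "thread"    - kill() accepts thread IDs too; a non-leader thread is
                  never listed in /proc, so this is a benign mismatch
    "no_status" - exists per kill() but /proc/<pid>/status is unreadable
                  (hidden /proc entry, or the process exited mid-scan)
    "hidden"    - a thread-group leader with a readable status file that
                  the /proc listing nevertheless omitted
    """
    if pid in listed:
        return "listed"
    if status_text is None:
        return "no_status"
    tgid = tgid_from_status(status_text)
    if tgid is not None and tgid != pid:
        return "thread"
    return "hidden"


def read_status(pid: int) -> Optional[str]:
    try:
        with open(f"/proc/{pid}/status") as fh:
            return fh.read()
    except OSError:
        return None


def read_max_pid(default: int = 32768) -> int:
    try:
        with open("/proc/sys/kernel/pid_max") as fh:
            return int(fh.read().strip())
    except OSError:
        return default


def scan() -> Dict[int, str]:
    """Return {pid: verdict} for every PID that is suspicious in this run."""
    listed = listed_pids()
    suspicious: Dict[int, str] = {}
    for pid in probed_pids(read_max_pid()):
        verdict = classify(pid, listed, read_status(pid))
        if verdict in ("hidden", "no_status"):
            suspicious[pid] = verdict
    return suspicious


if __name__ == "__main__":
    # Run as root for a complete view; short-lived processes can produce
    # transient "no_status" hits, so repeat the scan before acting on one.
    for pid, verdict in sorted(scan().items()):
        print(f"pid {pid}: {verdict}")
    print("scan complete")
```

The thread check matters in practice: kill(pid, 0) succeeds for thread IDs that /proc never lists as top-level entries, so without reading Tgid every multi-threaded program would raise false alarms. Scanning up to pid_max (over four million on recent kernels) takes a few seconds in Python; a persistent "hidden" verdict across repeated runs is what warrants investigation, and an offline image of the disk and memory is the reliable next step because a kernel-level rootkit can also tamper with the status file this script reads.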

Why are Rootkits so Dangerous?

Rootkits can spread through deceptive threat vectors such as malicious downloads, spam emails, and exploit kits. Some rootkits even use Trojans such as the Perkiler malware to compromise a system’s security....

Types of Rootkits

Bootloader rootkit...

Examples of Rootkit Attacks

Phishing and social engineering attacks: Users who read spam emails and unintentionally download malicious software put their PCs at risk of becoming infected with rootkits. Rootkits also employ keyloggers to obtain user login information. Once installed, a rootkit can give attackers access to sensitive user information and control over the computer’s operating system....

Conclusion

A rootkit is a program or group of malicious software tools that allows a threat actor to remotely access and manipulate a computer or other device. Rootkits are especially dangerous because they are designed to conceal their own presence on the device. A threat actor who has installed a rootkit on your machine (often through phishing emails) can remotely access and manipulate it. Because rootkits provide root-level access, they can be used to deactivate antivirus software, spy on your behavior, steal sensitive data, or execute other malware on the device....

Frequently Asked Questions on Rootkits (FAQs)

Is rootkit a type of Trojan?...