
What is a rootkit?
A rootkit is, in most cases, malicious software with one defining characteristic: the process tries to hide itself from the user by manipulating file, registry, and other important access queries, which makes rootkits especially hard to detect.

Detection methods include using an alternative and trusted operating system, behavioral-based methods, signature scanning, difference scanning, and memory dump analysis. Removal can be complicated or practically impossible, especially in cases where the rootkit resides in the kernel; reinstallation of the operating system may be the only available solution to the problem.
There are at least five types of rootkit, ranging from those at the lowest level in firmware (with the highest privileges) through to the least privileged user-based variants.
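The difference scanning method named above, as an added example that is not part of the original article: two views of the same file system are compared, one reported by the live (possibly subverted) operating system and one from a trusted source, and every disagreement is classified. The `scan_tree` helper and the sample views are assumptions for illustration.

```python
"""Difference (cross-view) scan: compare what the live, possibly subverted
OS reports with a view taken from a trusted source (clean boot medium or a
pre-deployment baseline). Sample views below are constructed data."""
import hashlib
import os
from dataclasses import dataclass, field
from typing import Dict, List

def scan_tree(root: str) -> Dict[str, str]:
    """Walk `root` and return {relative path: sha256 hex digest} of regular files."""
    view: Dict[str, str] = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            h = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 16), b""):
                    h.update(chunk)
            view[os.path.relpath(full, root)] = h.hexdigest()
    return view

@dataclass
class DiffReport:
    hidden: List[str] = field(default_factory=list)      # in trusted view only
    modified: List[str] = field(default_factory=list)    # in both, hash differs
    unexpected: List[str] = field(default_factory=list)  # in live view only

def difference_scan(live: Dict[str, str], trusted: Dict[str, str]) -> DiffReport:
    """Classify every path on which the two views disagree."""
    report = DiffReport()
    for path, digest in sorted(trusted.items()):
        if path not in live:
            report.hidden.append(path)      # candidate for a hidden file
        elif live[path] != digest:
            report.modified.append(path)    # candidate for a tampered binary
    report.unexpected = sorted(p for p in live if p not in trusted)
    return report

def _sha(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Constructed sample: the live view omits a kernel module and reports a
# different hash for bin/ps, two typical symptoms of a kernel-level rootkit.
TRUSTED_VIEW = {"bin/ls": _sha(b"ls"), "bin/ps": _sha(b"ps"),
                "lib/modules/hidden.ko": _sha(b"module")}
LIVE_VIEW = {"bin/ls": _sha(b"ls"), "bin/ps": _sha(b"ps-patched")}

if __name__ == "__main__":
    print(difference_scan(LIVE_VIEW, TRUSTED_VIEW))
```

In practice the trusted view is produced by running `scan_tree` against the disk from a clean boot medium, and the live view by running it on the suspect system, so that a kernel-level rootkit can only filter one side of the comparison.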

Sony BMG scandal
Looking at recent history, the scandal that most readily comes to mind is the Sony rootkit scandal. In 2005, Sony BMG published CDs with copy protection and digital rights management software called Extended Copy Protection, created by the software company First 4 Internet. The software included a music player but silently installed a rootkit which limited the user's ability to access the CD. Sony BMG later released patches to uninstall the rootkit.

Evolution of rootkits
Modern rootkits are evolving beyond the basic payload of privilege escalation to more advanced capabilities: making other software payloads undetectable by adding stealth capabilities. Most rootkits are classified as malware because their payloads are bundled with malicious software. An example payload may be one that monitors online banking activities and emails the collected information to the author of the rootkit.

Some more advanced uses of rootkits are corporate espionage and even cyber warfare, as was demonstrated by the famous Stuxnet rootkit, which was used to sabotage Iran's nuclear program (although Stuxnet had several components beyond the rootkit).

With the warfare of the future increasingly being conducted in cyberspace, rootkits present a silent yet potent danger to the victim and are at times very hard to detect.