previous arrow
next arrow
Slider

Rootkit

A rootkit is a collection of software that enables unauthorized users with special access to programs and restricted system files. Cybercriminals attempt rootkit infections by exploiting known vulnerabilities or stealing credentials that enable administrator access. Social Engineering is the most common form of credential theft. Access to root directories allows rootkits to install other malware like ransomware, keyloggers or viruses. Once installed, it is possible to hide intrusions from anti-malware while still maintaining privileged access. Rootkits are configured to allow remote control over devices to monitor system activities, steal sensitive information or take control of the device and the network.

The kernel-mode rootkit is designed to control operating system functions. Kernel rootkits add code or modify the existing code of the kernel to subvert core OS operations. A rootkit designed to target user files is referred to as an Application Rootkit. These rootkits operate with user privileges to change application file behavior by injecting code or replace application files with rootkit files. These rootkits are initialized at system startup-like standard user applications. Firmware Rootkits affect firmware like network devices and are installed onto network cards, system BIOS, routers and other peripherals to create a persistent malware image.

Detection of rootkit intrusion and subsequent removal is difficult, particularly kernel rootkits embedded in boot sectors, OS kernels and firmware. To eliminate rootkit infections, it is recommended that the OS be reinstalled. Removing bootloader or kernel rootkits requires access to the infected hard disk through an uncompromised, secure OS. Rootkits were developed to gain system privileges and operate at the OS level making detection and elimination extremely hard, even for standard antiviruses. AttackSolutions offers users a rootkit patch as an add-on program to our antivirus. The rootkit add-on effectively tracks and eliminates rootkits from the system.

Locations

Get a Quote

If you have questions or comments, please use this form to reach us, and you will receive a response within one business day. Your can also call us directly at any of our global offices.