How Rootkits Work

A rootkit is malware that an intruder installs on a computer to gain control of it while avoiding detection. Unlike other malware, rootkits can evade operating system scans and antivirus/anti-spyware programs by hiding files and concealing running processes from the computer's operating system. Rootkits are basically Trojan horse malware used in conjunction with other malicious programs in an effort to remain undetected by the computer user or the antivirus scan system.

Types of Rootkits

There are several different types of rootkits: User Mode, Kernel Mode, and Firmware rootkits.

  • User Mode: User mode rootkits are able to run on a computer through administrator privileges, which means that they are capable of accessing files, network ports, and system drivers. They copy files to the PC hard drive so that they are automatically activated every time you start your computer. Rootkits in user mode can be detected and removed.
  • Kernel Mode: Kernel mode rootkits are installed at the same level as the PC's operating system, so they can influence the operating system, which leads to unexplained events. Rootkits in kernel mode cannot be detected by the antivirus program, or by the user other than through the unexplained events and crashes.
  • Firmware: Firmware rootkits are the most malicious type of malware because they are capable of creating malcode inside the firmware while your computer is shut down. Every time you start your computer, this type of malware will reinstall. Firmware rootkits cannot be detected by the user and are very difficult to remove.

How Rootkits Work

The main purpose of a rootkit is to make unauthorized modifications to the software in your PC. There are different ways that this is accomplished once a rootkit has made its way into your PC.

  • Spyware: A rootkit can modify your software programs for the purpose of infecting them with spyware. The spyware that is installed by the rootkit is sometimes difficult to detect; however, you will notice strange things happening, like links appearing on your desktop and changes in the habits of your web browser.
  • Back Door: A back door is a modification that is built into a software program in your computer that is not part of the original design of the program. It creates a hidden feature in the software program that acts like a signature so the intruder can use the software for malicious purposes without being detected.
  • Byte Patching: The bytes of a program are arranged in a specific order, which a rootkit can modify. If the bytes are rearranged, the software's protections are compromised so the intruder can gain control of the software for malicious purposes.
  • Source-Code Modification: Source code modification is accomplished by modifying the code in your PC's software right at the main source. The intruder inserts malicious lines of source code for the purpose of hacking software with confidential information. The code can also end up in a myriad of other programs, which makes it very difficult to locate.

PC software is designed to make very precise decisions about specific types of data, and a rootkit alters the software so that it makes errors in its decisions. For this reason, a rootkit is difficult to detect and difficult to remove.
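
As a defender's counterpart to the byte patching and other software modifications described above, this added example (not part of the original article) records a known-good baseline of file hashes, reports files that were changed afterwards, and lists the byte offsets where a suspect copy differs from a clean one. The file name and sample bytes are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_file(path, chunk=65536):
    """Hash a file in chunks so large binaries need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def build_baseline(paths):
    """Record size and SHA-256 per file while the system is known clean."""
    return {str(p): (Path(p).stat().st_size, sha256_file(p)) for p in paths}

def verify(baseline):
    """Return {path: reason} for each file that no longer matches."""
    findings = {}
    for path, (size, digest) in baseline.items():
        if not Path(path).is_file():
            findings[path] = "missing"
        elif Path(path).stat().st_size != size:
            findings[path] = "size changed"
        elif sha256_file(path) != digest:
            findings[path] = "patched in place"
    return findings

def patched_ranges(good, suspect):
    """List (offset, length) runs where two byte strings differ."""
    runs = []
    for i, (a, b) in enumerate(zip(good, suspect)):
        if a != b:
            if runs and sum(runs[-1]) == i:  # byte directly follows the last run
                runs[-1] = (runs[-1][0], runs[-1][1] + 1)
            else:
                runs.append((i, 1))
    return runs

def demo():
    """Constructed sample: a 16-byte stand-in file, two bytes overwritten."""
    good = bytes(range(16))
    suspect = good[:4] + b"\xff\xff" + good[6:]
    with tempfile.TemporaryDirectory() as d:
        target = Path(d) / "sample.bin"
        target.write_bytes(good)
        baseline = build_baseline([target])
        clean = verify(baseline)
        target.write_bytes(suspect)
        return clean, list(verify(baseline).values()), patched_ranges(good, suspect)
```

Because a rootkit can hide files from the running operating system, a check like this is most trustworthy when the baseline is stored off the machine and the comparison is run from clean boot media.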

