Three reasons to worry about rootkits.
Rootkits are a type of malware
The presence of a rootkit on a network was first documented in the early 1990s. At that time, Sun and Linux operating systems were the primary targets for a hacker looking to install a rootkit. Today, rootkits are available for a number of operating systems, including Windows, and are increasingly difficult to detect on any network.
- They hide everything: This type of malware uses misdirection
- They give hackers control: Rootkits give hackers administrative-level privileges
- They rewrite their code: Some rootkits are polymorphic, which means that they rewrite their code.
Because traditional anti-virus software looks at an application's code and checks for certain sets of characters, malware that can change its code is very difficult to detect.
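The signature problem described above, as an added example that is not part of the original article: a fixed-byte scan finds a constructed, harmless marker in the original sample but misses the same content once it is re-encoded, while a scan that tries every single-byte XOR key still finds it. The marker, sample bytes, and function names are assumptions made for illustration, and single-byte XOR is a deliberately simplified stand-in for code that rewrites itself.

```python
"""Added example: fixed-byte signature scan vs. a re-encoded sample."""

# Constructed, harmless marker standing in for the "set of characters"
# a signature scanner looks for. Not taken from any real malware.
SIGNATURE = b"DEMO-MARKER-1234"


def xor_bytes(data: bytes, key: int) -> bytes:
    """XOR every byte with a single-byte key (a trivial re-encoding)."""
    return bytes(b ^ key for b in data)


def naive_scan(sample: bytes, signature: bytes = SIGNATURE) -> bool:
    """Classic signature check: is the exact byte sequence present?"""
    return signature in sample


def xor_aware_scan(sample: bytes, signature: bytes = SIGNATURE):
    """Search for the signature under every single-byte XOR key.

    Returns the first key that exposes the signature (0 means the
    sample was not encoded), or None if no key matches.
    """
    for key in range(256):
        if xor_bytes(signature, key) in sample:
            return key
    return None


# Constructed samples: the same content stored three ways, plus a clean file.
BODY = b"\x00header\x00" + SIGNATURE + b"\x00trailer\x00"
SAMPLES = {
    "original": BODY,
    "variant_a": b"stub" + xor_bytes(BODY, 0x5A),
    "variant_b": b"stub" + xor_bytes(BODY, 0xC3),
    "clean": b"\x00header\x00nothing to see\x00trailer\x00",
}


def scan_all() -> dict:
    """Map each sample name to (naive_scan result, xor_aware_scan result)."""
    return {n: (naive_scan(s), xor_aware_scan(s)) for n, s in SAMPLES.items()}


if __name__ == "__main__":
    for name, (naive, key) in scan_all().items():
        print(f"{name:10} naive_hit={naive!s:5} xor_key={key}")
```

The XOR-aware scan only covers this one encoding; it shows why a scanner that relies on a single fixed byte pattern loses sight of content that changes its stored form.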
If the computer locks up or fails to respond to any kind of input from the mouse or keyboard, it could be due to an installed kernel-mode rootkit. Settings in Windows change without permission. Examples of this could be the screensaver changing or the taskbar hiding itself. Web pages or network activities appear to be intermittent or function improperly due to excessive network traffic.
The only way to be sure you have removed a rootkit is to flatten your drives and reinstall…