What is a rootkit?

The term rootkit is very old and is dated back to the days when UNIX ruled the world. Rootkits for the UNIX operating system were typically used to elevate the privileges of a user to the root level (=administrator). This explains the name of this category of tools.

Rootkits for Windows work in a different way and are typically used to hide malicious software from for example an antivirus scanner. Rootkits are typically not malicious by themselves but are used for malicious purposes by viruses, worms, backdoors and spyware. A virus combined with a rootkit produces what was known as full stealth viruses in the MS-DOS environment.

How dangerous is a rootkit?

The rootkit itself does typically not cause deliberate damage. Its purpose is to hide software. But rootkits are used to hide malicious code. A virus, worm, backdoor or spyware program could remain active and undetected in a system for a long time if it uses a rootkit.

The malware may remain undetected even if the computer is protected with state-of-the-art antivirus. And the antivirus can't remove something that it can't see. The threat from modern malware combined with rootkits is very similar to full stealth viruses that caused a lot of headache during the MS-DOS era. All this makes rootkits a significant threat.

Collegamenti

rss Sito di zeno

Guarda anche nel sito:

Indice Giornali

Indice Televisioni

Indice videomusic