Rootkit installation can be automated, or an attacker can install it after having obtained root or Administrator access. Obtaining this access is a result of direct attack on a system, i. Rootkit detection is difficult because a rootkit may be able to subvert the software that is intended to find it.
Detection methods include using an alternative and trusted operating system, behavioral-based methods, signature scanning, difference scanning, and memory dump analysis. The term rootkit or root kit originally referred to a maliciously modified set of administrative tools for a Unix-like operating system that granted “root” access. The first malicious rootkit for the Windows NT operating system appeared in 1999: a trojan called NTRootkit created by Greg Hoglund. In 2005, Sony BMG published CDs with copy protection and digital rights management software called Extended Copy Protection, created by software company First 4 Internet. Modern rootkits do not elevate access, but rather are used to make another software payload undetectable by adding stealth capabilities.
Most rootkits are classified as malware, because the payloads they are bundled with are malicious. Rootkits and their payloads are used to provide an attacker with full access via a backdoor, permitting unauthorized access to, for example, steal or falsify documents; to conceal other malware, notably password-stealing key loggers and computer viruses; and to appropriate the compromised machine as a zombie computer for attacks on other computers.
The attack originates from the compromised system or network, instead of the attacker’s system. Rootkits are also used to conceal cheating in online games from software like Warden, to detect attacks (for example, in a honeypot), to enhance emulation software and security software, and for anti-theft protection: laptops may have BIOS-based rootkit software that will periodically report to a central authority, allowing the laptop to be monitored, disabled or wiped of information in the event that it is stolen.
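Two of the detection methods listed above, difference scanning and using an alternative trusted operating system, can be combined: hash the same volume once from the running system and once from trusted boot media, then compare the two views. The Python below is an added example, not code from the original page; the function names and the sample manifests are constructed for illustration.

```python
import hashlib
import os

def snapshot(root):
    """Map each regular file under root (relative path) to its SHA-256.
    Run once on the live system and once from trusted boot media with
    the same volume mounted at `root`."""
    view = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue  # skip symlinks, sockets, device nodes
            h = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    h.update(chunk)
            view[os.path.relpath(full, root)] = h.hexdigest()
    return view

def difference_scan(live, trusted):
    """Return (kind, path) findings where the two views disagree."""
    findings = []
    for path in sorted(trusted.keys() - live.keys()):
        findings.append(("hidden", path))      # on disk, not reported by the live OS
    for path in sorted(live.keys() - trusted.keys()):
        findings.append(("live-only", path))   # often benign: created between scans
    for path in sorted(live.keys() & trusted.keys()):
        if live[path] != trusted[path]:
            findings.append(("content-mismatch", path))  # live read differs from disk
    return findings

def _h(data):  # helper for the constructed sample below
    return hashlib.sha256(data).hexdigest()

# Constructed sample views (not real data): the live OS omits one file and
# returns different bytes for a binary than the trusted view reads from disk.
SAMPLE_TRUSTED = {"bin/ls": _h(b"patched ls"),
                  "etc/hosts": _h(b"127.0.0.1 localhost\n"),
                  "lib/example_hook.so": _h(b"hook")}
SAMPLE_LIVE = {"bin/ls": _h(b"original ls"),
               "etc/hosts": _h(b"127.0.0.1 localhost\n"),
               "tmp/session.lock": _h(b"")}

if __name__ == "__main__":
    for kind, path in difference_scan(SAMPLE_LIVE, SAMPLE_TRUSTED):
        print(f"{kind:17} {path}")
```

Files that legitimately change between the two scans (logs, lock files, caches) also appear as findings, so each one needs triage before it is treated as evidence of concealment.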