Kaspersky Lab analysis of a specific type of malware
Kaspersky Lab, a leading developer of secure content management solutions that protect against viruses, spyware, Trojans, hacker attacks and spam, releases a new report on the rapid development of rootkits. In April 2005 the number of rootkits detected monthly nearly doubled. This latest report from Kaspersky Lab's analysts looks at what makes rootkits dangerous, how they are detected, why they have become more numerous in 2005, and why they are increasingly being used for malicious purposes.
To read the full report – “Rootkits and how to combat them” – visit www.viruslist.com.
The term “rootkit” refers to a set of programs that allow a hacker to maintain access to a computer after cracking it and that prevent the hacker from being detected. Both writers of illegal viruses and developers of so-called “legal” spyware programs openly advertise that programs concealed using rootkits are invisible to the user and undetectable by antivirus programs.
The report states: “The increased popularity of rootkits is partly due to the fact that the source code of many rootkits is now openly available on the Internet. It's relatively easy for virus writers to make small modifications to such code. Another factor which influences the increased use of rootkits is the fact that most Windows users use the administrator's account, rather than creating a separate user account. This makes it much easier to install a rootkit on the victim machine.”