Rootkit (virus,malware)

A rootkit is a stealthy type of malicious software(Malware) designed to hide the existence of certain process or program from normal methods of detection and enables continued.
rootkit is a concatenation of root and the world kit
what rootkit virus  can do?
first attacker installs a rootkit on a computer after first root level access.either by exploiting known vulnerability or by obtaining a password
Once a rootkit is installed, it allows an attacker to mask the ongoing intrusion and maintain privileged access to the computer by circumventing normal authentication and authorization mechanisms.


How rootkit can Work ?
rootkit detection is difficult because rootkit may be able to subvert the software that is indeed to find it. Detection methods include using an alternative.
behavioral based methods, signature scanning , difference scanning and memory dump analysis.
Removable can be complicated or practically impossible,especially in cases where the rootkit resides.
Provide an attacker with full access via backdoor.Permitting unauthorized access .
Password stealing
Appropriate the compromised machine as a Zombie computer for attacks on other computers.
Zombie computers are typically member of large botnet that can launch denial of service attacks and distribute E-mail spam.

Rootkit (virus,Malware)


Wolf - 150 x 150