What Is Rootkit ? Different Types Of Rootkits .


 What Is Rootkit ?

A rootkit is a clandestine computer program designed to provide continued privileged access to a computer while actively hiding its presence. The term rootkit is a connection of the two words "root" and "kit." Originally, a rootkit was a collection of tools that enabled administrator-level access to a computer or network. Root refers to the Admin account on Unix and Linux systems, and kit refers to the software components that implement the tool. Today rootkits are generally associated with malware – such as Trojans, worms, viruses – that conceal their existence and actions from users and other system processes.

Rootkit installation can be automated, or an attacker can install it once they've obtained root or Administrator access. Obtaining this access is a result of direct attack on a system, i.e. exploiting a known vulnerability (such as privilege escalation) or a password (obtained by cracking or social engineering tactics like "phishing"). Once installed, it becomes possible to hide the intrusion as well as to maintain privileged access. The key is the root or administrator access. Full control over a system means that existing software can be modified, including software that might otherwise be used to detect or circumvent it.
Related Articles :- 
 What Is Adware ? Different Types Of Adware . 
What Is Rootkit ? Different Types Of Rootkits .What Is Ransomware ? 
Different Types Of Ransomware . 
What Is Scareware ? Effects Of Scareware .

The presence of a rootkit on a network was first documented in the early 1990s. At that time, Sun and Linux operating systems were the primary targets for a hacker looking to install a rootkit. Today, rootkits are available for a number of operating systems, including Windows, and are increasingly difficult to detect on any network.

Rootkits have become more common and their sources more surprising. In late October of 2005, security expert Mark Russinovich of Sysinternals discovered that he had a rootkit on his own computer that had been installed as part of the digital rights management (DRM) component on a Sony audio CD. Experts worry that the practice may be more widespread than the public suspects and that attackers could exploit existing rootkits. "This creates opportunities for virus writers," said Mikko Hypponen, director of AV research for Finnish firm F-Secure Corp. "These rootkits can be exploited by any malware, and when it's used this way, it's harder for firms like ours to distinguish the malicious from the legitimate."

Different Types Of Rootkits :-

Kernel Rootkits :-

 Kernel is the core of the Operating System and Kernel Level Rootkits are created by adding additional code or replacing portions of the core operating system, with modified code via device drivers (in Windows) or Loadable Kernel Modules (Linux). Kernel Level Rootkits can have a serious effect on the stability of the system if the kit’s code contains bugs. Kernel rootkits are difficult to detect because they have the same privileges of the Operating System, and therefore they can intercept or subvert operating system operations.

 Firmware Rootkits :-

Firmware rootkits are actually embedded within the firmware of devices such as network devices.  A firmware rootkit is activated if a BIOS function is called or when the machine is booted. The root kit would always be available as long as the device is. And can be harder to detect. Thats why its good to let your anti virus scan every device that you plugin.

User or Application rootkit :-

 A user or application rootkit hides itself in the application program. It hides with other application programs in the user mode. A user rootkit doesn’t have access to the kernel.These rootkits operate inside the victim computer by changing standard application files with rootkit files, or changing the behavior of present applications with patches, injected code etc. When a specific program is run the rootkit will start up, and when the program is ended the rootkit is ended.
Related Articles :-
What Is Computer Virus ? Different Types Of Computer Virus .  
 What Is Trojan Horse ? Types Of Trojan Horse .
What Is Computer Worm ? Different Types Of Computer Worms . 
What Is Spyware ? Types Of Spyware and Effects Of Spyware .

Memory rootkit :-

 A memory rootkit is the one which hides itself in the memory (RAM).

Hypervisor Or Virtualized Rootkits :-

 Hypervisor (Virtualized) Level Rootkits are created by exploiting hardware features such as Intel VT or AMD-V (Hardware assisted virtualization technologies). Hypervisor level rootkits hosts the target operating system as a virtual machine and therefore they can intercept all hardware calls made by the target operating system.

Bootloader Or Bootkit Rootkits :-

 Boot loader Level (Bootkit) Rootkits replaces or modifies the legitimate boot loader with another one thus enabling the Boot loader Level (Bootkit) to be activated even before the operating system is started. Boot loader Level (Bootkit) Rootkits are serious threat to security because they can be used to hack the encryption keys and passwords.

Persistent Rootkits :-

When the system starts up the rootkit starts up and stays running until the system is shutdown, and even if the system process is ended it will restart the process.

Library Rootkits :-

In software applications that use code library files such as windows ddls. The rootkit can intercept specific systems and API calls and replace them with its own code. A library rootkit hides itself in the system library.



Bachelor Couses,4,Career,28,Digital,17,Education,20,Engineering,4,Festival Wishes,13,Govt. Jobs,24,Smartphone Specifications,15,Social Media,5,Space And Satellite,22,Tech News,65,Technology,35,
EDUCATIONALTECHS: What Is Rootkit ? Different Types Of Rootkits .
What Is Rootkit ? Different Types Of Rootkits .
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share. STEP 2: Click the link you shared to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy
Use Of Cookies : This portal, like most Internet portals, uses cookies to improve the user experience...