140 likes | 157 Views
A rootkit is a collection of computer software, typically malicious, designed to enable access to, Obtaining this access is a result of direct attack on a system, i.e. exploiting a known vulnerability (such as privilege escalation) or a password. Get more information at https://blog.reasonsecurity.com/2015/06/08/what-is-a-rootkit/
E N D
Origin and Mission of Rootkits Examples of known rootkits What sets rootkits apart from othermalware? Protect yourself againstrootkits POINTS OF DISCUSSION Introduction
If your data center tells you they need to re-install the operating system onto one of your servers, there’s a good chance it’s due to a rootkit. Malicious rootkits are one of the most dangerous tools that cybercriminalsuse. INTRODUCTION
The term rootkit originates from “root” in UNIX-based operating systems, which is the most privileged administration account in the system. With root-level access, uses can do virtually anything on thesystem. As for the “kit” in rootkit, it’s just an abbreviation of the word“toolkit.” ORIGIN AND MISSION OFROOTKITS
Lane Davis and Steven Dake - wrote the earliest known rootkit in the early1990s. NTRootkit – one of the first malicious rootkits targeted at WindowsOS. HackerDefender – this early Trojan altered/augmented theOSataverylowleveloffunctionscals. EXAMPLES OF KNOWNROOTKITS
Stuxnet - the first known rootkit for industrial control systems. Flame - a computer malware discovered in 2012 that atacks computers running Windows OS. It can record audio, screenshots, keyboard activity and network trafic.
WHAT SETS ROOTKITS APART FROM OTHERMALWARE? For obvious reason, rootkits are also known as “stealth viruses”, although they do not fit the definition of a virus. But how do rootkits differ exactly from other types ofmalware?
Virus: A virus at aches itself to an executable file or program. Although it replicates itself autonomously, it’s not able to spread further on its own, but usualy only with the help of people or otherprograms. Worm:Thistermreferstoaspecialsub-classofcomputer virusthatcanspread independently usingasystem’sdata transmissionfunctions.
Rootkits: The rootkit is considered to be a type of Trojan horse. Many Trojan horses exhibit the characteristics of a rootkit. The main difference is that rootkits actively conceal themselves in a system and also typically provide the hacker with administrator rights.
Ensure your system is properlypatched. Don’t download unknownfiles Don’t open email attachments from unknown senders In addition to the above tips, you can mount an even stronger defense against rootkits by installing an antivirus. PROTECT YOURSELF AGAINSTROOTKITS
CONTACTUS Email:info@reasonsecurity.com Website:www.reasonsecurity.com