Malware and rootkits team up for mayhem
Home alone after school one day, Tommy scans through the latest blogs and teen Web sites, stopping for a chat or two. Somewhere along the way, the computer's browser hits a site that instantly and silently loads a fourth-generation rootkit onto his system. Without anyone's knowledge, the anti-virus application no longer updates or scans for viruses, the firewall opens ports it shouldn't and, when Tommy's father later logs on to his online bill-paying application, the logon data is automatically transmitted to a server belonging to an identity theft cartel.
Fourth-generation rootkits are so good at hiding themselves that detection and removal go beyond the capability of home network users and existing signature-based security technologies.
"It's very feasible for attackers to merge rootkits with information-gathering tools and with covert channel tools for stealth communication over firewall-protected networks," says Joanna Rutkowska, rootkit researcher and administrator of www.invisiblethings.org. "By definition, it's much more difficult to detect rootkit-protected attacks from attacks that aren't protected by rootkits. As such, I think the number of [rootkit] infections in the wild is underestimated."