Rootkits Making More Spyware, Adware Stick

The sharp rise in rootkits--sneaky software used to conceal malicious code from security programs--is due to spyware and adware purveyors trying to prevent their wares from being easily uninstalled, security experts said Thursday. Finnish-based F-Secure, which has integrated its BlackLight rootkit scanner into its security suite, claimed that since October, the most common rootkit in the wild is the one used by the Apropos spyware program.

Apropos uses a silent installer to disguise its planting on the hard drive, and a kernel-mode rootkit to hide from detection, said F-Secure. The rootkit starts automatically early in the boot process--to avoid detection by security software, which typically loads later in the boot-up procedure--and can hide files, directories, registry keys, and Windows processes. Security Pipeline | Rootkits Making More Spyware, Adware Stick

Linked by shanmuga Thursday, 8th December 2005 11:56PM