rootkit



A type of Trojan that keeps itself, other files, registry keys and network connections hidden from detection. It enables an attacker to have "root" access to the computer, which means it runs at the lowest level of the machine. A rootkit typically intercepts common API calls. For example, it can intercept requests to a file manager such as Explorer and cause it to keep certain files hidden from display, even reporting false file counts and sizes to the user. Rootkits came from the Unix world and started out as a set of altered utilities such as the ls command, which is used to list file names in the directory (folder).
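Added example (not part of the original entry): a cross-view check for the altered-`ls` case described above, comparing the names `ls` reports with those read directly from the directory via `os.scandir()`. The `hx_` prefix, the file names and the `make_filtering_view` helper are constructed for illustration, and the check assumes file names contain no newlines.

```python
import os
import subprocess
import tempfile


def view_via_utility(path, cmd=("ls", "-A")):
    """Names as the userland utility reports them (the view an altered ls falsifies)."""
    out = subprocess.run([*cmd, "--", path], capture_output=True,
                         text=True, check=True).stdout
    return set(out.splitlines())  # assumes no newlines in file names


def view_via_syscall(path):
    """Names read directly with os.scandir(), bypassing the ls binary."""
    with os.scandir(path) as entries:
        return {entry.name for entry in entries}


def cross_view_diff(path, utility_view=view_via_utility,
                    syscall_view=view_via_syscall):
    """Compare both views; names missing from the utility's view are suspect."""
    tool, raw = utility_view(path), syscall_view(path)
    return {"hidden_from_utility": sorted(raw - tool),
            "only_in_utility": sorted(tool - raw),
            "count_mismatch": len(tool) != len(raw)}


def make_filtering_view(hidden_prefix):
    """Constructed stand-in for an altered ls: drops names with a given prefix."""
    def tampered(path):
        return {n for n in view_via_syscall(path) if not n.startswith(hidden_prefix)}
    return tampered


def demo():
    """Build a constructed directory and diff an honest and a filtered view."""
    with tempfile.TemporaryDirectory() as d:
        for name in ("notes.txt", ".profile", "hx_payload.bin"):  # constructed names
            open(os.path.join(d, name), "w").close()
        honest = cross_view_diff(d)
        filtered = cross_view_diff(d, utility_view=make_filtering_view("hx_"))
        return honest, filtered


if __name__ == "__main__":
    for label, result in zip(("real ls", "simulated altered ls"), demo()):
        print(label, result)
```

A kernel-space rootkit that intercepts the directory-reading calls themselves falsifies both views, so this comparison only covers altered user-space utilities. Files created or deleted between the two listings can also show up as differences.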

Legitimate Rootkits?
Rootkits can also be used for what some vendors consider valid purposes. For example, if digital rights management (DRM) software is installed and kept hidden, it can control the use of licensed, copyrighted material and also prevent the user from removing the hidden enforcement program. However, such usage is no more welcomed than a rootkit that does damage or allows spyware to thrive without detection. See Trojan.
Copyright © 1981-2019 by The Computer Language Company Inc. All Rights reserved. THIS DEFINITION IS FOR PERSONAL USE ONLY. All other reproduction is strictly prohibited without permission from the publisher.
References in periodicals archive
"Although, in theory we were aware that UEFI rootkits existed, our discovery confirms they are used by an active APT group.
In recent years, researchers change the rootkit defense landscape by leveraging recent advances of virtualization, and propose virtual machine introspection technology to build IDSes [10] [12] [13].
“Recent researches are showing that seven of the top ten threats in 2012 were rootkits and that the number of boot-level rootkits increased dramatically,” said Avishai Ziv, vice president of Cyber Security Solutions at LynuxWorks.
Depending on the level of exploitation, a rootkit can operate in the user space and the kernel space.
The rootkit used was designed specifically to exploit these three features but, according to Vinod Ganapathy and Liviu Iftode, two of the scientists who helped to develop it, this is just the tip of the iceberg.
The only reliable way to cure a rootkit infection is to re-install the operating system and applications.
Rootkit Detective was developed by Avert(R) Labs, McAfee's top-ranked global security threat and research organization.
Rootkits are malware designed to hide themselves in another application or operating system.
Some days later, during a routine security check on his machine, he found something odd: a bunch of files he identified as a "rootkit".
The technology, which was designed to replace music with static should a user attempt to illegally copy the CD, was also found to secretly install a "rootkit" on PC users' computers (a program frequently used by hackers to gain access to and control a computer system without the user's knowledge).
The suits against Sony BMG claim that its DRM solution is a rootkit, a tactic best known for its use in spyware and Trojan horses.