Slashdot Mirror


Rootkit Creators Turn Professional

pete richards writes "Signalling a trend towards increased 'outsourcing' of some elements of malware creation, worm authors are increasingly turning to commercially available rootkits to help their creations slip past virus detection engines. Those rootkits in the meantime are becoming more professional. Antivirus vendor F-Secure reported last week that it had detected a first rootkit designed to bypass detection by most of the modern rootkit detection engines."

3 of 117 comments

  1. Re:How dare they! by KiloByte · Score: 4, Informative

    Like, SuckIt?

    --
    The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
  2. Re:Misuse of the term by jaseuk · Score: 5, Informative

    Root kits will normally include things such as modded ps and other modified binaries so that the system appears to be running fine, yet has a backdoor and any logging / system monitoring tools will not show any processes or activity.

    There is more to a root kit than just a replacement ps, but of course that is a critical element.

    No it's not rocket science, but in practice modding system binaries whilst on the outside keeping the system appearing to be running normally is much harder, different library / operating system / architectures to deal with and the fact that you are messing around with core system files.

  3. Re:Easy prey? by ArsenneLupin · Score: 4, Informative

    There probably isn't a law against rootkits, and there shouldn't be. There should be a law against using them to break into systems that you are not authorized to enter, and there is a law against that.

    A rootkit isn't a tool to break into a machine; it's a tool to hide your presence once you've already broken into the machine...

    Is VNC a rootkit?

    No. But a tool hiding VNC from the process list might be.
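
An added example, not part of the original thread or of any tool it mentions: the comments above describe a modified ps that leaves processes out of its listing, and a defender can check for that by comparing what ps reports with the PIDs visible in /proc. The function names and the sample PIDs are constructed for illustration, and a Linux host with /proc is assumed.

```python
import os
import subprocess

def numeric_entries(names):
    """PIDs are the all-digit directory names under /proc."""
    return {int(n) for n in names if n.isdigit()}

def parse_ps(ps_output):
    """Parse `ps -e -o pid=` output: one PID per line, no header."""
    return {int(tok) for tok in ps_output.split() if tok.isdigit()}

def hidden_from_ps(proc_before, ps_output, proc_after):
    """Return PIDs seen in /proc both before and after the ps run
    but absent from the ps listing. Bracketing the ps call with two
    /proc snapshots drops processes that merely started or exited
    while ps was running, which would otherwise be false positives."""
    stable = numeric_entries(proc_before) & numeric_entries(proc_after)
    return sorted(stable - parse_ps(ps_output))

def scan_live():
    """Run the same comparison against the local host."""
    before = os.listdir("/proc")
    ps_out = subprocess.run(["ps", "-e", "-o", "pid="],
                            capture_output=True, text=True,
                            check=True).stdout
    after = os.listdir("/proc")
    return hidden_from_ps(before, ps_out, after)

# Constructed sample data (not from a real system):
# PID 1337 is in both /proc snapshots but missing from ps output,
# PID 2001 is the ps process itself (gone by the second snapshot),
# PID 2050 started after ps ran.
SAMPLE_PROC_BEFORE = ["1", "412", "873", "1337", "self", "meminfo"]
SAMPLE_PS = "    1\n  412\n  873\n 2001\n"
SAMPLE_PROC_AFTER = ["1", "412", "873", "1337", "2050", "self"]

if __name__ == "__main__":
    print("sample:", hidden_from_ps(SAMPLE_PROC_BEFORE, SAMPLE_PS,
                                    SAMPLE_PROC_AFTER))
```

This only covers the user-space case the comments describe, a replaced ps binary. A rootkit that filters /proc inside the kernel presents the same view to both sides of the comparison, so an empty result is not proof of a clean system.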