By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
10alert.com10alert.com
  • Threats
    • WordPress ThreatsDanger
    Threats
    A cyber or cybersecurity threat is a malicious act that seeks to damage data, steal data, or disrupt digital life in general. Cyber threats include…
    Show More
    Top News
    CosmicStrand: a UEFI rootkit
    8 months ago
    Cloak and Dagger: A hole in Android
    7 months ago
    Mobile malware masked as porn apps
    8 months ago
    Latest News
    Safeguards against firmware signed with stolen MSI keys
    1 day ago
    WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
    1 day ago
    Wordfence Intelligence Weekly WordPress Vulnerability Report (May 15, 2023 to May 21, 2023)
    6 days ago
    Wordfence Firewall Blocks Bizarre Large-Scale XSS Campaign
    1 week ago
  • Fix
    Fix
    Troubleshooting guide you need when errors, bugs or technical glitches might ruin your digital experience.
    Show More
    Top News
    Surface Pro 4 teardown: Get a closer look at the components
    8 months ago
    How to reset Windows Update components on Windows 10
    8 months ago
    Windows 11 build 22610 with new changes in Dev and Beta Channels
    8 months ago
    Latest News
    How automatically delete unused files from my Downloads folder?
    4 months ago
    Now you can speed up any video in your browser
    4 months ago
    How to restore access to a file after EFS or view it on another computer?
    4 months ago
    18 Proven Tips to Speed Up Your WordPress Site and Improve SEO | 2023 Guide
    5 months ago
  • How To
    How ToShow More
    What is two-factor authentication | Kaspersky official blog
    2 days ago
    Acer refreshes Windows 11 PCs for work and play: Swift Edge 16 and Predator Triton 16
    4 days ago
    NVIDIA GeForce RTX 4080 New Mercury Editions of Razer Blade 16 and Blade 18 now available
    4 days ago
    How Oxy uses hooks for maximum extensibility
    How Oxy uses hooks for maximum extensibility
    5 days ago
    The personal threat landscape: securing yourself smartly
    5 days ago
  • News
    News
    This category of resources includes the latest technology news and updates, covering a wide range of topics and innovations in the tech industry. From new…
    Show More
    Top News
    How do you know if your accounts have been hacked?
    8 months ago
    How to protect yourself from piercing by IP address?
    8 months ago
    How to find out the IP address of your enemy in a couple of clicks
    8 months ago
    Latest News
    How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11
    2 days ago
    How to enable Taskbar End Task option to close apps on Windows 11
    2 days ago
    How to check USB4 devices specs from Settings on Windows 11
    2 days ago
    How to enable new header UI for File Explorer on Windows 11
    1 week ago
  • Glossary
  • My Bookmarks
Reading: How to Fight Rootkits -Kaspersky Daily
Share
Notification Show More
Aa
Aa
10alert.com10alert.com
  • Threats
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
  • Threats
    • WordPress ThreatsDanger
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
Follow US
ThreatsWordpress Threats

How to Fight Rootkits -Kaspersky Daily

Vitus White
Last updated: 13 October
Vitus White 8 months ago
Share
4 Min Read

Security professionals and enthusiasts are aware of rootkits, but general audiences typically don’t know about this kind of malware, which is specifically designed to hide itself and its activity in an infected system. This threat is well worth public awareness as there’s a high chance of you possibly meeting this malware in the future. Cybercriminals are constantly developing new methods to steal your data and actively sell these methods to each other.

rootkit_title

The ability to hide itself allows this type of malware to live on the victim’s system for months and sometimes even years, letting a hacker use the computer for any purpose. Even if a computer doesn’t contain any valuable information, which is unlikely, it could still be used for producing digital currency (bitcoins), sending spam and participating in a DDoS attacks. Rootkit functionality allows hackers to hide malicious activity not only from built-in OS monitoring tools, but from antivirus and firewall sensors as well. That’s why we suggest checking your antivirus and internet security system for the existence of an anti-rootkit function and its efficiency.

The ability to hide itself allows this type of malware to live on the victim’s system for months and sometimes even years, letting a hacker use the computer for any purpose.

What makes a rootkit invisible? It’s not that complicated to explain: malware tries to integrate its code deep into an operating system and intercept all standard requests for file reading, obtaining the running process list, etc.  A rootkit processes such requests and removes any mention of files, processes and other traces related to its activity.  Other techniques are utilized as well – e.g. a rootkit can inject some code into a legitimate process and use that process memory to do its dirty work.  That allows a rootkit to remain invisible to less advanced antivirus solutions, which work on a high level of OS requests and don’t try to dive deeper into the OS or other low-level hardware structures. If an antivirus managed to detect a rootkit, the malware could try to deactivate the protection and delete some critical antivirus components. Some of the more crafty rootkits even use live-bait fishing technology – creating a special file to be detected by an antivirus. As soon as the antivirus software accesses that file, the rootkit has tried to shut the antivirus down and prevent it from future execution.

How can you stop this mess? First of all, to detect any suspicious activity, your antivirus must monitor critical system files on a low level, thus catching malware trying to modify the hard drive. It’s possible to find new rootkit that are still unknown to your antivirus just by comparing computer activity as seen on the OS level with results of low-level monitoring. Secondly, it’s crucial to have sufficient antivirus self-protection so malware cannot deactivate your product. And last, but not least, an antivirus has to remove 100% of rootkit components, even those injected into critical files of the OS. It’s impossible to solve this problem just by deleting files – this renders the OS nonfunctional, so your antivirus would remove those files without affecting the original functionality.

So make sure your protection meets these requirements before saying “I know, what a rootkit is and I am sure that my antivirus solution efficiently protects me from this threat.”


Source: kaspersky.com

Translate this article

TAGGED: Malware, Rootkit, RTF, Security, Software, Split tunneling, Threat, Threats
Vitus White October 13, 2022 October 7, 2022
Share this Article
Facebook Twitter Reddit Telegram Email Copy Link Print

STAY CONECTED

24.8k Followers Like
253.9k Followers Follow
33.7k Subscribers Subscribe
124.8k Members Follow

LAST 10 ALERT

Safeguards against firmware signed with stolen MSI keys
Threats 1 day ago
WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
Wordpress Threats 1 day ago
How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11
News 2 days ago
How to enable Taskbar End Task option to close apps on Windows 11
News 2 days ago
How to check USB4 devices specs from Settings on Windows 11
News 2 days ago

Recent Posts

  • Safeguards against firmware signed with stolen MSI keys
  • WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
  • How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11
  • How to enable Taskbar End Task option to close apps on Windows 11
  • How to check USB4 devices specs from Settings on Windows 11

You Might Also Like

Threats

Safeguards against firmware signed with stolen MSI keys

1 day ago
WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
Wordpress Threats

WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin

1 day ago
News

How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11

2 days ago
How To

What is two-factor authentication | Kaspersky official blog

2 days ago
Show More

Related stories

How to Use Cloudflare to Secure Your WordPress Site
How To Starting Chrome from the command line
How to fix error 0x80070057 in Chrome?
Windows 10 How To Disable Slide to Shutdown
Windows search not working (FIX)
How to watch movies and TV series for free on Kinopoisk?
Previous Next

10 New Stories

What is two-factor authentication | Kaspersky official blog
Acer refreshes Windows 11 PCs for work and play: Swift Edge 16 and Predator Triton 16
NVIDIA GeForce RTX 4080 New Mercury Editions of Razer Blade 16 and Blade 18 now available
How Oxy uses hooks for maximum extensibility
The personal threat landscape: securing yourself smartly
Wordfence Intelligence Weekly WordPress Vulnerability Report (May 15, 2023 to May 21, 2023)
Previous Next
Hot News
Safeguards against firmware signed with stolen MSI keys
WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11
How to enable Taskbar End Task option to close apps on Windows 11
How to check USB4 devices specs from Settings on Windows 11
10alert.com10alert.com
Follow US

© 10 Alert Network. All Rights Reserved.

  • Privacy Policy
  • Contact
  • Customize Interests
  • My Bookmarks
  • Glossary
Go to mobile version
adbanner
AdBlock Detected
Our site is an advertising supported site. Please whitelist to support our site.
Okay, I'll Whitelist
Welcome Back!

Sign in to your account

Lost your password?