The main difficulty in keeping up with security risks is that attackers keep finding new ones. It is near impossible to stay current with all the jargon, and harder still to make sure every piece of software you use is secure, especially given how much of it we use. One of the most interesting offenders is the "rootkit". The word explains what it is, if you know what to look for. On Unix and the systems derived from it (the basis of Apple's macOS and many other technologies), the all-powerful administrative account is called root. A program running as root can read, modify or hide almost anything on the machine, whether or not it is supposed to. (The top-level directory of the filesystem is also called the root, but the name of the malware comes from the account, not the folder.) The "kit" is the collection of tools an intruder installs, after obtaining root-level access, to keep that access and to hide it from the machine's owner. Over the years the two words have fused into one: rootkit.

A rootkit can be delivered automatically, for instance by an exploit, or installed by hand once an attacker already has access to your system. Once in place, it conceals itself by manipulating the operating system so that its files, processes and network connections are not reported to the user and, if the rootkit is sophisticated enough, not to a traditional security product either.

One of the most recent and interesting rootkits discovered by Bitdefender is named Scranos. Scranos spied on its victims, harvesting account credentials from browsers and exfiltrating data stored on the victim's device, and it also performed ad fraud: silently subscribing users to YouTube channels, clicking hidden ads in the background, and even installing applications without the user's knowledge.
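The hiding behaviour described above also suggests how rootkits are hunted: a cross-view comparison asks the operating system the same question through two different interfaces and flags any disagreement. The script below is an added example, not code from the original article or from Bitdefender. It compares the process list obtained by reading /proc (the view that ps and most tools rely on, and the one a rootkit that filters directory listings tampers with) against the PIDs discovered by probing every possible PID with kill(pid, 0). The fallback of 65536 for pid_max is an assumption, and the check only runs on Linux.

```python
import os

PROC = "/proc"


def pids_from_proc(proc=PROC):
    """Process IDs as reported by listing /proc, the view that tools such as
    ps rely on. A rootkit that hooks the directory listing (getdents/readdir)
    can filter its own processes out of this view.
    Returns None when /proc is not available (non-Linux systems)."""
    try:
        names = os.listdir(proc)
    except OSError:
        return None
    return {int(n) for n in names if n.isdigit()}


def pids_from_probe(max_pid=None):
    """Process IDs discovered by probing every candidate PID with signal 0.
    kill(pid, 0) delivers nothing; it only asks the kernel whether the PID
    exists. PermissionError (EPERM) means the process exists but belongs to
    another user, so it still counts as found. Takes a few seconds on
    systems with a large pid_max."""
    if max_pid is None:
        try:
            with open(os.path.join(PROC, "sys/kernel/pid_max")) as f:
                max_pid = int(f.read())
        except (OSError, ValueError):
            max_pid = 65536  # assumption: a common default for pid_max
    found = set()
    for pid in range(1, max_pid + 1):
        try:
            os.kill(pid, 0)
        except ProcessLookupError:
            continue
        except PermissionError:
            pass
        found.add(pid)
    return found


def hidden_pids(listed, probed, ignore=()):
    """Cross-view difference: PIDs that answer a probe but are missing from
    the listing. `ignore` lets the caller drop known-benign PIDs."""
    return sorted(set(probed) - set(listed) - set(ignore))


def cross_view_scan(rounds=3):
    """Repeat the comparison and report only PIDs that are missing from the
    listing in every round. A process that merely started between the two
    collections shows up in one round but not the next, so the repetition
    filters out that race."""
    suspects = None
    for _ in range(rounds):
        listed = pids_from_proc()
        if listed is None:
            raise RuntimeError("/proc not available: this check needs Linux")
        diff = set(hidden_pids(listed, pids_from_probe()))
        suspects = diff if suspects is None else suspects & diff
    return sorted(suspects)


if __name__ == "__main__":
    for pid in cross_view_scan():
        print(f"PID {pid} answers kill(pid, 0) but is absent from /proc: investigate")
```

A normal process appears in both views, so a PID that the kernel admits exists but that never shows up in /proc is a strong signal, and the script does not need root to produce it. The converse is not true: a kernel-mode rootkit that hooks the system-call layer can lie to both views, so an empty result is not proof of a clean machine. That is why serious scanners add further views (network sockets, the raw disk versus the mounted filesystem, memory versus on-disk kernel code) and why an examination from outside the suspect system, such as booting from clean media, is the final word.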
And those were only some of its capabilities.

Step one: basic precautions

As the paragraphs above suggest, the first and easiest way for an attacker to get a rootkit onto your system is to exploit unpatched vulnerabilities in the operating system or in applications, or to use social engineering that tricks users into downloading and executing malicious files or clicking on malicious URLs. Either route can install the rootkit, which then takes over the system. So the basic precautions are to never implicitly trust everything that reaches your inbox, and to always keep your operating system and applications updated with the latest security patches.

Rootkits are often grouped with spyware, because their ultimate goal is to keep attackers undetected on the victim's machine while they plant additional malware for surveillance and data theft. Scranos is a good example of rootkit-enabled spyware: its purpose was to monetize user data, either through ad fraud or by hijacking victims' accounts with the credentials it harvested. Installing the latest security updates and patches is more than recommended, as it stops attackers from exploiting known vulnerabilities to plant their malware. Rootkits are among the most insidious types of malware: they give attackers a foothold on the victim's computer and practically unrestricted access, letting them install or remove applications and plant additional malware such as keyloggers, which intercept passwords and essentially everything that is typed.
Scranos could even send messages to the victim's friends from the compromised social networking accounts, in an attempt to compromise them as well by convincing them to click on tainted URLs. Some of those URLs pointed to malicious .APK files, tricking recipients into installing Android malware if they opened the link on an Android device.

Step two: total security

The second step, once you have made it difficult for criminals to get a rootkit onto your system, is to make it all but impossible. You do this by securing the system as a whole with something like Bitdefender Total Security, which includes security layers designed to detect and block these threats both before they reach your computer and before they gain a foothold on it. Rootkits are just one variety of malware it defends against, and the company offers rootkit-specific help when it is needed. Rootkits come from different "families", and once they are on a system they are difficult to remove without expert help. Hopefully you will never need to learn all those strange-sounding names and their peculiarities; Bitdefender exists to help in the unhappy event that you do.
