Rootkit

Last Updated: December 6, 2018

Definition - What does Rootkit mean?

A rootkit is software used by a hacker to gain constant administrator-level access to a computer or network. A rootkit is typicially installed through a stolen password or by exploiting a system vulnerabilities without the victim's consent or knowledge.

Rootkits primarily aim at user-mode applications, but they also focus on a computer’s hypervisor, the kernel, or even firmware. Rootkits can completely deactivate or destroy the anti-malware software installed in an infected computer, thus making a rootkit attack difficult to track and eliminate. When done well, the intrusion can be carefully concealed so that even system administrators are unaware of it.

Free White Paper: "AI and ML in the Oil and Gas Industry". Take a look at 10 real-world use cases that demonstrate how AI and ML are already being used in the oil and gas industry, and how AI innovation can help renew the industry.

Techopedia explains Rootkit

Rootkits may be also presented as a Trojan or even as a hidden file along with a seemingly harmless file. This can be a graphic or even a silly application distributed via email. When the victim clicks the program or graphic, the rootkits are installed on their system without their knowledge.

Some of the impacts of rootkits are often to:

Provide the attacker with complete backdoor access, permitting them to falsify or steal documents.
Hide other malware, especially keyloggers. The keyloggers may then be used to access and steal the victim's sensitive data.
Enable the attacker to use the infected machine as a zombie computer to trigger attacks on others.