Definition - What does Rootkit mean?
A rootkit is software used by a hacker to gain constant administrator-level access to a computer or network. A rootkit is typicially installed through a stolen password or by exploiting a system vulnerabilities without the victim's consent or knowledge.
Rootkits primarily aim at user-mode applications, but they also focus on a computer’s hypervisor, the kernel, or even firmware. Rootkits can completely deactivate or destroy the anti-malware software installed in an infected computer, thus making a rootkit attack difficult to track and eliminate. When done well, the intrusion can be carefully concealed so that even system administrators are unaware of it.
Techopedia explains Rootkit
Rootkits may be also presented as a Trojan or even as a hidden file along with a seemingly harmless file. This can be a graphic or even a silly application distributed via email. When the victim clicks the program or graphic, the rootkits are installed on their system without their knowledge.
Some of the impacts of rootkits are often to:
- Provide the attacker with complete backdoor access, permitting them to falsify or steal documents.
- Hide other malware, especially keyloggers. The keyloggers may then be used to access and steal the victim's sensitive data.
- Enable the attacker to use the infected machine as a zombie computer to trigger attacks on others.