Security A to Z: Rootkits

Hackers aren't the only ones using rootkits. The Sony fiasco brought the toolkits into the mainstream.

Natasha Lomas Mobile Phones Editor, CNET UK

Natasha Lomas is the Mobile Phones Editor for CNET UK, where she writes reviews, news and features. Previously she was Senior Reporter at Silicon.com, covering mobile technology in the business sphere. She's been covering tech online since 2005.

See full bio

Natasha Lomas

Nov. 28, 2006 11:55 a.m. PT

Rootkits aren't just for hackers.

A rootkit is a toolkit developed for hackers--a set of programs used to conceal processes, files or data on a hacked system, so the intruder can, for instance, maintain undetected backdoor access. But it's not just the cyber underworld that makes use of rootkit technology.

Rootkits hit the public radar late last year when it was discovered that a Sony BMG antipiracy rootkit embedded on some of its music CDs was being exploited by Trojan horse viruses.

Users who had installed Sony software so they could listen to their music on their PCs also unwittingly installed a digital rights management (DRM) program designed to limit the number of copies of the CD they could make and prevent them from making unprotected MP3s. Several Trojans piggybacked on Sony's DRM tech, cloaking themselves and their nefarious activities. Microsoft even updated its security tools to remove the Sony rootkit, dubbing it a Windows PC security risk.

The issue led to a deeply apologetic Sony recalling millions of CDs and agreeing to pay damages to angry customers.

Natasha Lomas reported for Silicon.com in London.