The rise of rootware

In their talk at Black Hat, R^2: The Exponential Growth of Rootkit Techniques, security researchers Jamie Butler and William Arbaugh laid out a beginner's course on rootkits to kick off a day of programming around that topic. Butler and Arbaugh covered the history of rootkits. They define a rootkit as any software that hides its operation from the system kernel, administrator, and security software, and they date awareness of the concept back to Clifford Stoll's bestselling book, The Cuckoo's Egg, in the late 1980s. Over the next 20 years, rootkits remained a quiet element in the security field, mostly affecting enterprise networks and mostly seen in user applications.

Recently, however, the controversy around Sony's use of a rootkit last year brought rootkits back into the news. That's bad, the researchers say. The heightened awareness and the fact that most security software can't accurately detect rootkits got spyware companies interested in using the technology to hide their keystroke loggers and other malware from users and security software alike. The researchers have dubbed this new convergence rootware. They noted that rootkits have good uses as well as bad, making detection and remediation difficult. As an example, they cited the similarity between ZoneAlarm, which offers kernel-based firewall protection, and the UAY rootkit from China, which uses many of the same processes as ZoneAlarm.
