Thread: Different Types of Rootkits

Tweet

In this thread i will be discussing 5 different types of rootkits,

* Firmware
* Kernel
* Persistent
* Application
* Library


But first a little something about rootkits.
A rootkit is a backdoor program that allows the hacker remote access to the victims computer. A well known example of rootkits in use was when Sony BMG installed root kits on there CDs as a secret campaign to fight back against copyright and piracy.

Firmware Rootkits
Firmware rootkits are actually embedded within the firmware of devices such as network devices. The root kit would always be available as long as the device is. And can be harder to detect. Thats why its good to let your anti virus scan every device that you plugin.

Kernel Rootkits
A kernel rootkit is embedded within the operating system core itself. People mostly find these form of rootkit when they are using an illegal copy of an operating system.

Persistent Rootkits
When the system starts up the rootkit starts up and stays running until the system is shutdown, and even if the system process is ended it will restart the process.

Application Rootkits
When a specific program is run the rootkit will start up, and when the program is ended the rootkit is ended.

Library Rootkits
In software applications that use code library files such as windows ddls. The rootkit can intercept specific systems and API calls and replace them with its own code.

Most anti viruses can detect root kits but they can also be a pain in the ass to remove. Depending on the type of rootkit sometimes its easer to re-install the OS

Check out the original thread at Tech Forumz