Ads
related to: rootkit definition
Search results
Results From The WOW.Com Content Network
Rootkit detection is difficult because a rootkit may be able to subvert the software that is intended to find it. Detection methods include using an alternative and trusted operating system , behavior-based methods, signature scanning, difference scanning, and memory dump analysis.
Torpig, also known as Anserin or Sinowal is a type of botnet spread through systems compromised by the Mebroot rootkit by a variety of trojan horses for the purpose of collecting sensitive personal and corporate data such as bank account and credit card information.
Alureon (also known as TDSS or TDL-4) is a trojan and rootkit created to steal data by intercepting a system's network traffic and searching for banking usernames and passwords, credit card data, PayPal information, social security numbers, and other sensitive user data. [1]
Detecting rootkits is separated into many complex layers that include integrity checking and behavioral detection. By checking the CPU usage, ongoing and outgoing network traffic, or the signatures of drivers, simple anti-virus tools can detect common rootkits. However, this is not the case with a kernel type rootkit.
Malware (a portmanteau of malicious software) [1] is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or which unknowingly interferes with the user's computer security and privacy.
Blue Pill is the codename for a rootkit based on x86 virtualization.Blue Pill originally required AMD-V (Pacifica) virtualization support, but was later ported to support Intel VT-x (Vanderpool) as well.