There is a scourge in the world of professional security that no one likes to talk about.
It has been around for a few years, but we are only now creating the tools to get this piece of malware off people's computers safely.
This piece of code that everyone is scared of is called a rootkit.
The rootkit has been around for a long time, but it first garnered public attention back in 2005 when the Sony corporation placed a rootkit on their CDs to prevent piracy.
This set off all kinds of alarms and Sony was quickly forced to remove the offending piece of code from distribution.
A rootkit is a dangerous piece of software, and I will discuss why that is later in the article.
What Is A Rootkit Exactly?
Let me begin by describing what a rootkit actually is and what exactly it does to your computer.
A rootkit is basically a piece of code that hides very deep in the background of your system but never lets the computer know that it is there.
If you look in your task bar, you will normally see all of the processes that are running on your computer.
A rootkit is able to hide itself from that list, so you will never know that it is installed on your system.
Once the rootkit has attached itself, it then uses another security hole to allow it to escalate its privileges on your machine.
Once it is able to do that, there is no stopping the damage that can be done.
There are tools now that can eliminate a rootkit from your system, but most people will never know it is there until it is too late.
That is why it pays to run a normal antivirus scan on your computer at least once a week (more often, such as daily, would be preferable).
If you do not see a problem, you will not think that there is a problem to solve.
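The hiding described above is what cross-view detection looks for: list the running processes two independent ways and report anything that shows up in only one. The sketch below is an added example, not from the original article; it assumes a Linux system with /proc, and the function names and sample PIDs are constructed for illustration.

```python
import os

def listed_pids(proc_root="/proc"):
    """View 1: PIDs returned by listing /proc, the view ps-style tools rely on."""
    return {int(name) for name in os.listdir(proc_root) if name.isdigit()}

def probed_pids(max_pid, proc_root="/proc"):
    """View 2: PIDs that answer when /proc/<pid>/status is opened directly."""
    found = set()
    for pid in range(1, max_pid + 1):
        try:
            with open(os.path.join(proc_root, str(pid), "status"), errors="replace") as fh:
                fields = dict(line.split(":", 1) for line in fh if ":" in line)
        except OSError:
            continue  # no such process, or it exited mid-read
        # Thread IDs also answer here but are never listed in /proc;
        # keep only thread-group leaders (Tgid == pid) to avoid false alarms.
        if fields.get("Tgid", "").strip() == str(pid):
            found.add(pid)
    return found

def cross_view(listed_before, probed, listed_after):
    """PIDs that answered a direct probe but were missing from both listings.

    Two listings bracket the probe so a process that merely started or
    exited during the scan is not reported. Results are leads to re-check,
    not proof, and a rootkit that also filters direct lookups is not caught.
    """
    return sorted(probed - listed_before - listed_after)

def scan(proc_root="/proc"):
    """Run both views against a live /proc and return the suspicious PIDs."""
    with open(os.path.join(proc_root, "sys/kernel/pid_max")) as fh:
        max_pid = int(fh.read())
    before = listed_pids(proc_root)
    probed = probed_pids(max_pid, proc_root)
    return cross_view(before, probed, listed_pids(proc_root))

if __name__ == "__main__":
    # Constructed sample: PID 1337 answers probes but is in neither listing;
    # PID 99 started mid-scan and shows up in the second listing.
    print(cross_view({1, 42}, {1, 42, 99, 1337}, {1, 42, 99}))  # [1337]
    if os.path.isdir("/proc/1"):
        print("live scan:", scan())
```

A check like this runs on the system it is inspecting, so an empty result does not rule out a rootkit that controls the kernel.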
Most rootkits are used so that the attacker has the ability to take over your computer.
Once the computer is considered “pwned”, they will use it for their own nefarious purposes.
Some of the purposes include sending email out of your machine or running a DDoS attack on someone else's website.
The whole time your machine could be part of this scam and you would never even know it.
Some rootkits have been known to stay dormant for months before they activate and then all of a sudden take over your machine.
With your machine and a couple hundred others, an attacker could do some real damage on the internet.
As you can see, a rootkit can be a very dangerous thing to have installed on your computer.
I must emphasize again that this is why you should run at least a weekly scan on your computer; a nightly scan while you are asleep would be better.
Just because you do not see that there is a problem does not mean that it is not there.