Saturday, July 16, 2011

Rootkits getting tougher and tougher

Rootkits are one of the worst types of malware you can get on your machine, in my opinion. Rootkits are tough to remove, can damage a machine pretty badly, and are just plain terrible to remove. On the bright side, OSes are getting tougher to infect (UAC added protection to Windows OSes); however, the rootkits are getting tougher and tougher. The Webroot team did some analysis of the new ZeroAccess rootkit. In fact, the ZeroAccess rootkit kills the security software found on the machine it infects. Now, my parents' machine was infected with an early version of TDSS, which killed the security software, but it was easy to bypass it to get it back up and running again. However, the rootkits are getting tougher to simply bypass, and boot-time scanners now have to be used in many cases to scan the machine. Even then, they are not foolproof and are not guaranteed to fix the machine.

So what do I recommend to stay safe from these rootkit threats? First, make sure you keep your machine updated. The fewer vulnerabilities, the better. Then make sure you keep your security software updated so it can detect the latest threats.
