All about ROOTKITS in Cyber Security !!

Rootkit is a software program, typically malicious, that provides privileged, root level access to a computer while concealing its presence on that machine.

Rootkit tools (popular ones)

·       Purple Fox

·       MoonBounce

·       TDSS

Rootkit types

·       Hypervisor rootkit: It takes advantage of the hardware virtualization and is installed between the hardware and the kernel acting as the real hardware.

·       Kernel rootkit: Kernel Rootkits are specifically designed to attack the core of your operating system and change its functioning.

·       Bootloader rootkit: The bootloader rootkit attacks the legit bootloader and replaces it with the hacked one so that attackers could control the system boot.

·       Application rootkit: Application Rootkits replaces the legitimate files of the genuine applications with the infected ones so that the hackers could get control over them. Every time the user opens the infected application, the attacker behind the application rootkit gets access to the system.

·       Memory rootkit: Memory Rootkits are one of the dangerous rootkits. They hide in the Random Access Memory (RAM) of the system and consume CPU power, stopping all other processes and freezing the system.

Detecting rootkit: Detecting a rootkit on a computer can be difficult as this kind of malware is designed to stay hidden. Still there are various methods to detect a rootkit.

·       Integrity based

·       Behavior based

·       Signature based

·       Run-time execution

·       Cross-view based

·       Alternate trusted

·       Analysing memory dumps

Anti-rootkits

·       TDSS root killer

·       Stinger

·       Avastone

·       Rootkit buster

FOLLOW US HERE - Twitter FACEBOOK

 

Location: Kanpur, Uttar Pradesh, India

Comments

Post a Comment

Popular posts from this blog

Find out what the Dark Web is and How you can access it ?

Image
 Dark Web is a World Wide Web content that exists on dark net ( network that use the internet but require a specific software ). Deep and Dark web are applications of integral internet features to provide privacy and anonymity. Is it safe to use Dark Web? A person with an ordinary knowledge about techy things should never go to Dark web because he will not be able to protect his own identity. Hackers are looking for such people who are noob. After getting into dark web they can steal your identity and use it for their work and it may be an illegal work too. And why you want to browse the dark web,there's no need. You may also get some virus in your device and your all data can be hacked in just few minutes. Difference between Deep Web and Dark Web- The deep web contains internet content you can't find through search engines, while the dark web is a hidden network that requires a special browser to access. Surface Web The portion of world wide web that is readily available to th...
Read more

All about Keyloggers!!

  A keylogger, sometimes called a keystroke logger, is a type of surveillance technology used to monitor and record each keystroke on a specific computer. Consider it as a threat because… Keyloggers are often used as a spyware tool by cybercriminals to steal personally identifiable information (PII), login credentials and sensitive enterprise data. Keylogger tools for windows ·        All in One ·        Elite ·        Spytector Keylogger tools for MacOS ·        sentryPC ·        FlexiSPY ·        REFOG Keylogger Keylogger tool for Linux - Logkeys Types of keyloggers 1.    Hardware Keylogger ·        It is a physical device that is used for capturing keystrokes ·        For hardware keylogger one must hav...
Read more