For the second part of my What's In A Name series, we take a look at the cornerstone of malware: Rootkits.
First, what is a rootkit?
A rootkit is a piece of malware that operates somewhat like an elite Special Forces unit. It gets in, communicates with headquarters, recons defenses, and messes stuff up so that the main strike force coming in later will have an easy time.
Rootkits are like Special Forces units in another way as well: Try to remove them, and they go wild. This is why every rootkit remover worth his or her salt warns that removing a rootkit could lead to problems with the operating system, to the point where it will not boot.
This is because the rootkit gets into the system and replaces critical system files with those under the control of the rootkit. And when these replaced files are removed along with the rootkit, the system can be rendered inoperable.
This is why rootkits are some of the most difficult malware to remove. Do one thing wrong, and you could break the computer you are trying to fix.
Hope this clears up the issue of what a rootkit is.
To look at Part One of What's In A Name, go here.
To look at my definition post, which contains a brief summary of some of the terms used when talking about malware, go here.
If you have a question or just want to tell me how awesome I am, feel free to comment in the space below. It's FREE!