From the course: Ethical Hacking: The Complete Malware Analysis Process

Digging into rootkits

- [Instructor] Malware using the basic hiding and cloaking techniques can be detected by a knowledgeable investigator. Consequently, the more sophisticated attackers have developed techniques which install malware, not just as an application or process, but deep into the heart of the operating system. This kind of malware is known as a rootkit. A rootkit doesn't exploit vulnerabilities. It's designed to hide, operate, and carry out its mission using normal system functions. Similarly, a rootkit isn't a virus. It's an implant which exists in a target, but it doesn't by itself propagate. It can, however, be combined with virus-like code to enable propagation laterally once installed in a system. In order to deploy a rootkit, an attacker must first penetrate the target system and then use what is known as a dropper to install the rootkit, which it either carries as a payload or subsequently downloads. The job of the dropper is to check whether the rootkit already exists on the system…
