Security experts warn of massive rootkit infection

Malware researchers at Prevx have highlighted what they are calling a ‘massive growth’ in the number of PCs harboring rootkit infections.

More than 725,000 PCs were scanned using the Prevx CSI malware scanner over a two-month period. Of the around 291,000 users who scanned their PCs during October 2007, some form of spyware or malware was found on one in six.

Significantly, although rootkits were detected on 15.6% of PCs during October 2007, that figure had risen to 22% by early December.

According to Prevx’s Jacques Erasmus: “The rise of the rootkits has begun.”

Rootkits are often ‘dropped’ or buried by other infections. They then modify a PC’s operating system to hide themselves from both the user and any security products installed on the computer. By so doing rootkits can allow criminals to remotely monitor, record, modify, steal and transfer data from the victim’s PC.

Some rootkits are undetectable by conventional antivirus and antispyware applications. A tech-savvy user may believe his or her computer is ‘clean’, and unwittingly pass on increasingly valuable personal and financial data.

Since 1 December 2007, 114,891 new users have run Prevx CSI with rootkit-detection features enabled. Of those PCs, 1,678 had what Prevx describes as ‘significant rootkit infections’. That equates to 1.46% or approximately one in 70 systems, which is almost 15 times higher than the one in 1,000 rootkit-infected PCs previously estimated by industry experts.

In the first nine days of this month alone, 93 companies used the free Business scan feature of Prevx CSI. Of these companies, 68 had one or more infected PCs. Thirteen companies, or 14%, had one or more PCs harboring rootkit infections.

These stats don’t take into account the fact that users who scan their PCs are more likely to have concerns about infections.

“Consumers and businesses have a significant new threat to security and privacy to worry about,” said Erasmus.

“Rootkits are often undetectable and extremely difficult to remove. Both detection and removal are well beyond the capabilities of traditional antivirus, antispyware and internet security suites,” he added.

Comment: [email protected]

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs