Rootkit Contaminations Found on Windows XP

According to AVAST's Virus Lab, its researchers have discovered that rootkit infections are increasingly occurring through pirated and un-patched editions of Windows XP, published PRFIRE dated July 28, 2011.

Based on a study spanning 6-months by the company a list of around 63,000 samples was compiled as also Avast noticed that 74% of the contaminations occurred with Windows XP computers in comparison with 17% and 12% for Vista and Windows 7 computers respectively.

Lead researcher at Avast, Przemyslaw Gmerek stated that the enormous infections on Windows XP could be attributed to a huge market share of the OS as also enhanced security features built into the software's latest versions; however, other factors too had roles. V3.co.uk published this on July 28, 2011.

Gmerek stated that one problem in the case of Windows XP was that its pirated versions existed in large numbers and users particularly couldn't update them appropriately since Microsoft update couldn't validate those versions.

He added that due to the manner in which rootkits attacked as also remained intensely hidden inside the OS it made them a perfect tool to seize personal information.

And despite Windows XP being ancient, it continues to be used most widely worldwide, with 49% of the consumers of AVAST anti-virus running the software in contrast with 38% and 13% running Windows 7 and Vista respectively.

A key characteristic of rootkits is that they effectively conceal themselves by destabilizing the functionalities of a commonly used OS alternatively other software programs on the target systems.

Notably, online-crooks are continuously adapting their attack ruses while MBR (Master Boot Record) continues to be their chosen attack point even for TDL4 rootkits, the latest.

And while it isn't quite known how many pirated versions of Windows XP exist, the increasing adoption and utilization of RemoveWGA, software that eliminates Windows Genuine Advantage notices for free can serve as a warning.

Meanwhile, Avast's researchers further discovered that rootkit assaults against MBR represented the greatest of all preferred infection strategies of hackers, being responsible for 62% of the entire contaminations.

Gmerek suggests that users require deploying anti-virus software that's maintained up-to-date and conducting a regular PC-scan for rootkits.

Related article: Rootkits Can Be Detected And Eradicated

» SPAMfighter News - 8/8/2011