Malware with Rootkit Techniques Will Continue to Increase
PandaLabs, the malware detection laboratory of Panda Software, has found an alarming rise in the total amount of malicious code infecting PCs and networks with rootkits. The lab has estimated a 62 percent growth in rootkit operations for 2006, and it predicts 2007 will be even worse.
Rootkit programs use treacherous techniques that hide malicious code from detection by conventional security and system administration solutions such as anti-virus or anti-spyware software. As long as the malware remains concealed, it can act with complete freedom. Rootkits are also capable of hiding files and processes, and even of changing entries in the Windows registry.
In January and February 2007, Panda Software had already identified 25 percent of the particular malware on last year's list. It forecasts that this year there will be an overall increase of 40 percent.
The Panda League said the stealthiest threats, including Bagle.HX, Abwiz.A and Nurech.A, were the three dangerous rootkits of the February 2007 malware.
The Bagle.HX worm has rootkit features that enable it to hide files, processes and Windows registry entries. It also tries to disable the services of many security products, such as anti-virus programs and firewalls.
Abwiz.A allows the attacker to break into the infected computer. It hunts for passwords and steals them. It applies treacherous techniques to evade the notice of computer users. The rootkit does not spread by itself but needs certain support to do so.
Nurech.A is the most dangerous worm that disables several processes of security tools such as firewalls and anti-virus software. The worm spreads through an attachment in e-mail messages.
Malware creators increasingly use rootkits, particularly in banker trojans and spyware, said Luis Corrons, technical director of PandaLabs, in a company press release that PRNewswire published on March 8, 2007.
Since rootkits are able to get past anti-virus and anti-spyware security tools, there is a need for proactive protection to stop the threats on the basis of the behavior and intent of the malicious code, Corrons added. There should be proper security systems on users' PCs to counter such hidden threats; otherwise, confidential and sensitive information will be exposed to online criminals for theft and ID fraud, he explained.
» SPAMfighter News - 26-03-2007