November 27, 2006 3:43 PM PST
Security A to Z: Rootkits
A rootkit is a toolkit developed for hackers--a set of programs used to conceal processes, files or data on a hacked system, so the intruder can, for instance, maintain undetected backdoor access. But it's not just the cyber underworld that makes use of rootkit technology.
Rootkits hit the public radar late last year when it was discovered that an antipiracy rootkit Sony BMG had embedded on some of its music CDs was being exploited by Trojan horses.
Users who had installed Sony software so they could listen to their music on their PCs also unwittingly installed a digital rights management (DRM) program designed to limit the number of copies of the CD they could make and prevent them from making unprotected MP3s. Several Trojans piggybacked on Sony's DRM tech, cloaking themselves and their nefarious activities. Microsoft even updated its security tools to remove the Sony rootkit, dubbing it a Windows PC security risk.
The issue led to a deeply apologetic Sony recalling millions of CDs and agreeing to pay damages to angry customers.
Natasha Lomas reported for Silicon.com in London.