![]() Later, Ken Thompson who was working for Bell Labs at the time and was one of the original authors of UNIX exploited the Unix C compiler in the public distribution of the OS that is now considered equivalent to a rootkit. On UNIX, “admin” access is referred to as “root” access while the malicious payload of the malware is referred to as the “kit.” The first documented case of a rootkit was actually written by Steven Dake and Lane Davis in 1990 on behalf of Sun Microsystems for the SunOS UNIX OS. The Brain virus was not the original rootkit however, as the term became associated with malware targeting the UNIX operating system. As time went on, the cloaking methods for the DOS operating system would start using interrupt calls (INT 13H BIOS specifically) to hide their presence and their modification of OS files similar to how a rootkit works today. The virus would redirect attempts to view or read the boot sector to a copy of the original boot sector saved in an alternative location on the hard drive. ![]() The first time a computer virus was documented targeting a personal computer, was the Brain virus in 1986. After gaining access to the computer, the rootkit will use the administrator access to hide its installation and make modifications to installed antivirus software to prevent it from being detected or removed. Rootkits typically gain access to a computer by leveraging a known vulnerability in an operating system, web browser, instant messaging client, etc. The two primary methods a rootkit can be installed are manually by a malicious actor after gaining root or admin access to the targeted computer or automatically via software. Although rootkits originated with the UNIX operating system by providing root access to the software components installed with the malware (the kit portion of the name), they have since been developed to provide potentially rogue actors with access to computers running the Windows and Mac OS X operating systems. ![]() Once installed, a rootkit will typically obtain administrator or higher-level permissions on the infected computer. A rootkit is a type of computer malware that is created to hide programs or other computer processes from detection from both users and antivirus software programs. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
December 2022
Categories |