Rootkits are programs that use stealth techniques to prevent malicious code from being detected by security and system administration software. As it is hidden, the malicious code can then act with complete impunity. Rootkits can also hide processes, files and even modifications to the Windows registry.
February's ranking of the most dangerous threats includes three pieces of malicious code that use these techniques: Bagle.HX, Abwiz.A and the highly dangerous Nurech.A.
"Rootkit techniques are becoming increasingly popular among malware creators, particularly for spyware and banker Trojans," says Luis Corrons, Technical Director of PandaLabs.
Because rootkits can evade detection by traditional security systems, proactive protection is needed to identify a program's behavior and detect malicious code that uses these techniques.
"Users need security systems that can counter this type of hidden threat; otherwise, their confidential data can be exposed, with the consequent risk of theft and fraud," explains Corrons.